Moderate(1 user assessed)
Very High(1 user assessed)
Command and Control
The Snap Creek Duplicator plugin before 1.3.28 for WordPress (and Duplicator Pro before 220.127.116.11) allows Directory Traversal via ../ in the file parameter to duplicator_download or duplicator_init.
Report as Exploited in the Wild
What do we mean by "exploited in the wild"?
By selecting this, you are verifying to the AttackerKB community that either you, or a reputable source (example: a security vendor or researcher), has observed an active attempt by attackers, or IOCs related, to exploit this vulnerability outside of a research environment.
A vulnerability should also be considered "exploited in the wild" if there is a publicly available PoC or exploit (example: in an exploitation framework like Metasploit).