CVSS 3.1 Score 5.3 of 10 (medium)


Published Feb 28, 2024


CVE-2024-1368 is a vulnerability found in the Page Duplicator plugin for WordPress. The vulnerability exists in all versions up to and including 0.1.1, allowing unauthenticated attackers to duplicate arbitrary posts and pages due to a missing capability check on the duplicate_dat_page() function. The risk score for this vulnerability is 25, indicating a medium severity level. There is no need for privileges or user interaction for exploitation, and the attack vector is through the network. The integrity impact of this vulnerability is low, while the confidentiality impact is none. Remediation for this vulnerability involves updating the Page Duplicator plugin to a version that includes a fix for the issue. Organizations using affected versions of the plugin should prioritize patching to prevent unauthorized data modification and potential misuse of duplicated content.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2024-1368 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options