Vulnerabilities > Metaphorcreations > Post Duplicator > 2.23
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-01-11 | CVE-2024-12472 | Authorization Bypass Through User-Controlled Key vulnerability in Metaphorcreations Post Duplicator The Post Duplicator plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.36 via the mtphr_duplicate_post() due to insufficient restrictions on which posts can be duplicated. | 5.3 |
| 2022-03-10 | CVE-2021-33852 | Cross-site Scripting vulnerability in Metaphorcreations Post Duplicator 2.23 A cross-site scripting (XSS) attack can cause arbitrary code (JavaScript) to run in a user's browser and can use an application as the vehicle for the attack. | 5.4 |