Vulnerabilities > Wpdevart > Duplicate Page OR Post > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-21 | CVE-2021-25075 | Missing Authorization vulnerability in Wpdevart Duplicate Page or Post The Duplicate Page or Post WordPress plugin before 1.5.1 does not have any authorisation and has a flawed CSRF check in the wpdevart_duplicate_post_parametrs_save_in_db AJAX action, allowing any authenticated users, such as subscriber to call it and change the plugin's settings, or perform such attack via CSRF. | 3.5 |