.. / CVE-2022-2551

Exploit for WordPress Duplicator <1.4.7 - Authentication Bypass (CVE-2022-2551)

Description:

WordPress Duplicator plugin before 1.4.7 is susceptible to authentication bypass. The plugin discloses the URL of the backup to unauthenticated visitors accessing the main installer endpoint. If the installer script has been run once by an administrator, this allows download of the full site backup without proper authentication.

Nuclei Template

View the template here CVE-2022-2551.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2022/CVE-2022-2551.yaml

References:

https://github.com/ARPSyndicate/cvemon
https://github.com/SecuriTrust/CVEsLab/tree/main/CVE-2022-2551
https://wordpress.org/plugins/duplicator/
https://wpscan.com/vulnerability/f27d753e-861a-4d8d-9b9a-6c99a8a7ebe0
https://nvd.nist.gov/vuln/detail/CVE-2022-2551

.. / CVE-2022-2551 if(localStorage["style"]=="true"){ document.getElementById('pagestyle').setAttribute('href','/assets/styleDark.css'); document.querySelector('input[type="checkbox"]').checked = true }

Exploit for WordPress Duplicator <1.4.7 - Authentication Bypass (CVE-2022-2551)

Description:

Nuclei Template

Validate with Nuclei

.. / CVE-2022-2551