Does Duplicate Page or Post have any unpatched vulnerabilities?

No. All known vulnerabilities in Duplicate Page or Post have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Duplicate Page or Post compatible with WordPress 6.9.4?

According to WordPress.org data, Duplicate Page or Post 1.6.6 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

How often is Duplicate Page or Post updated?

Duplicate Page or Post was last updated on Feb 2, 2026. Frequent updates are generally a positive security signal.

What is Duplicate Page or Post's security score?

Duplicate Page or Post has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Duplicate Page or Post Security & Risk Analysis

wordpress.org/plugins/duplicate-page-or-post

Duplicate Page or Post is an great tool that allow to duplicate pages and posts. Now you can do it in one click.

10K active installs v1.6.6 PHP + WP 3.4.0+ Updated Feb 2, 2026

cloneclone-pageclone-postduplicate-pageduplicate-post

A · Safe

CVEs total1

Unpatched0

Last CVEJan 24, 2022

Plugin page Download

Safety Verdict

Is Duplicate Page or Post Safe to Use in 2026?

Generally Safe

Score 100/100

Duplicate Page or Post has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Jan 24, 2022Updated 1mo ago

Risk Assessment

The "duplicate-page-or-post" plugin v1.6.6 exhibits a generally good security posture due to its limited attack surface and adherence to several WordPress security best practices. The absence of REST API routes, shortcodes, cron events, and file operations significantly reduces the potential for exploitation. The fact that all SQL queries utilize prepared statements and that there are no known unpatched vulnerabilities are strong positives. However, a notable concern arises from the low percentage of properly escaped output, indicating a potential for cross-site scripting (XSS) vulnerabilities if user-supplied data is not handled carefully within the plugin's output mechanisms. The vulnerability history, though currently clear of critical issues, shows a past CVE related to missing authorization, which, combined with the unescaped output, suggests a need for continued vigilance and thorough code review to prevent future authorization bypasses or XSS attacks.

Key Concerns

Low percentage of properly escaped output
Past vulnerability history (Missing Authorization)

Vulnerabilities

Duplicate Page or Post Security Vulnerabilities

CVEs by Year

1 CVE in 2022

2022

Patched Has unpatched

Severity Breakdown

Medium

1 total CVE

CVE-2021-25075medium · 6.4Missing Authorization

Duplicate Page or Post <= 1.5.0 - Missing Authorization to Stored Cross-Site Scripting

Jan 24, 2022 Patched in 1.5.1 (729d)

Code Analysis

Analyzed Mar 16, 2026

Duplicate Page or Post Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

5 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

9% escaped55 total outputs

Attack Surface

Duplicate Page or Post Attack Surface

Entry Points1

Unprotected0

AJAX Handlers 1

authwp_ajax_wpdevart_duplicate_post_parametrs_save_in_dbadmin\admin.php:16

WordPress Hooks 5

actionadmin_menuadmin\admin.php:14

filterpost_row_actionsadmin\admin.php:18

filterpage_row_actionsadmin\admin.php:19

actionadmin_action_wpdevart_duplicate_post_pageadmin\admin.php:20

actioninitwpdevart-duplicate-post.php:40

Maintenance & Trust

Duplicate Page or Post Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedFeb 2, 2026

PHP min version

Downloads245K

Community Trust

Rating82/100

Number of ratings9

Active installs10K

Alternatives

Duplicate Page or Post Alternatives

Duplicate Page and Post

duplicate-wp-page-post

Duplicate post, Duplicate page and Duplicate custom post or clone page and clone post.

80K 1 unpatched

WP Post Page Clone

wp-post-page-clone

Clone Post or Page with it's contents and settings in just one click.

80K 2 CVEs

WP Duplicate Page

wp-duplicate-page

Clone WordPress page, post, custom post types

60K 3 CVEs

SM Easy Duplicator

sm-easy-duplicator

100

Duplicate Posts / Pages & Custom Posts easily in Just single click.

100 No CVEs

Clone Page Or Post Plugin for WordPress

clone-page-or-post

Allow you to easily duplicate pages and posts with just one click!

10 No CVEs

Developer Profile

Duplicate Page or Post Developer Profile

wpdevart

45 plugins · 52K total installs

trust score

Avg Security Score

99/100

Avg Patch Time

581 days

View full developer profile

Detection Fingerprints

How We Detect Duplicate Page or Post

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/duplicate-page-or-post/admin/css/duplicate_post_menu.css/wp-content/plugins/duplicate-page-or-post/admin/js/duplicate_post_menu.js

Script Paths

/wp-content/plugins/duplicate-page-or-post/admin/js/duplicate_post_menu.js

HTML / DOM Fingerprints

Data Attributes

wpdevart_duplicate_post_pagewpdevart_clone_post_page_nonce

JS Globals

wpdevart_js_object

FAQ