WP-Safety

Duplicate Post – duplicate pages, copy content, clone posts Security & Risk Analysis

wordpress.org/plugins/duplicate-post-rb

Duplicate Post RB makes it easy to duplicate posts, pages and custom post types. Create duplicate posts, clone content, automate duplication

3K active installs v1.6.1 PHP + WP 3.1+ Updated Mar 27, 2026
copy-pagescopy-postduplicate-pagesduplicate-postduplicate-posts
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Duplicate Post – duplicate pages, copy content, clone posts Safe to Use in 2026?

Generally Safe

Score 100/100

Duplicate Post – duplicate pages, copy content, clone posts has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago
Risk Assessment

The "duplicate-post-rb" plugin v1.5.8 exhibits a generally good security posture based on the provided static analysis. The absence of any AJAX handlers, REST API routes, shortcodes, or cron events with unprotected entry points is a significant strength. The code also demonstrates strong practices with 100% of SQL queries using prepared statements and a high percentage of output escaping. Furthermore, the presence of nonce and capability checks indicates an awareness of common WordPress security mechanisms. The vulnerability history shows zero known CVEs, which is highly positive and suggests a well-maintained codebase over time.

However, a minor concern arises from the taint analysis, which identified two flows with unsanitized paths. While no critical or high severity issues were found, this warrants attention as unsanitized paths can sometimes lead to information disclosure or local file inclusion vulnerabilities if not properly handled. The presence of file operations without explicit details on their usage also leaves a small area for potential risk if these operations are not secured. Overall, the plugin appears robust, but the unsanitized path flows represent the primary area for improvement.

Key Concerns

  • Taint flows with unsanitized paths
Vulnerabilities
None known

Duplicate Post – duplicate pages, copy content, clone posts Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Duplicate Post – duplicate pages, copy content, clone posts Release Timeline

v1.6.1Current
v1.5.8
v1.5.7
v1.5.6
v1.5.5
v1.5.4
v1.5.3
v1.5.2
v1.5.1
v1.0.10
v1.0.9
v1.0.8
v1.0.7
v1.0.6
v1.0.5
v1.0.4
v1.0.3
v1.0.2
v1.0.1
v1.0.0
Code Analysis
Analyzed Mar 16, 2026

Duplicate Post – duplicate pages, copy content, clone posts Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
8
68 escaped
Nonce Checks
1
Capability Checks
8
File Operations
4
External Requests
0
Bundled Libraries
0

Output Escaping

89% escaped76 total outputs
Data Flows · Security
2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths
create_item (src\restapi\REST_Profile_Import_Controller.php:65)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Duplicate Post – duplicate pages, copy content, clone posts Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 32
actioninitsrc\AdminUI\AdminBarMenu.php:22
actionwp_before_admin_bar_rendersrc\AdminUI\AdminBarMenu.php:43
actioninitsrc\AdminUI\AdminOptionsPage.php:31
actionadmin_enqueue_scriptssrc\AdminUI\AdminOptionsPage.php:41
actionadmin_menusrc\AdminUI\AdminOptionsPage.php:42
actionadmin_headsrc\AdminUI\AdminOptionsPage.php:85
actioninitsrc\AdminUI\ButtonBulkCopy.php:39
actionadmin_enqueue_scriptssrc\AdminUI\ButtonBulkCopy.php:57
filterbulk_actions-edit-postsrc\AdminUI\ButtonBulkCopy.php:59
filterbulk_actions-edit-pagesrc\AdminUI\ButtonBulkCopy.php:60
actionhandle_bulk_actions-edit-postsrc\AdminUI\ButtonBulkCopy.php:62
actionhandle_bulk_actions-edit-pagesrc\AdminUI\ButtonBulkCopy.php:63
actioninitsrc\AdminUI\ButtonCopy.php:35
filterpost_row_actionssrc\AdminUI\ButtonCopy.php:53
filterpage_row_actionssrc\AdminUI\ButtonCopy.php:54
actioninitsrc\AdminUI\ClassicEditorButtonCopy.php:35
actionpost_submitbox_misc_actionssrc\AdminUI\ClassicEditorButtonCopy.php:53
actioninitsrc\AdminUI\GutenbergEditorButtonCopy.php:34
actionenqueue_block_editor_assetssrc\AdminUI\GutenbergEditorButtonCopy.php:52
actionadd_meta_boxessrc\AdminUI\HistoryMetaBox.php:37
filterplugin_action_linkssrc\AdminUI\PluginList.php:27
actionadmin_enqueue_scriptssrc\ButtonCopyJSLoader.php:34
actionadmin_footersrc\ButtonCopyJSLoader.php:35
actioninitsrc\cli\Commands.php:26
actioninitsrc\ProfileType.php:33
actioninitsrc\ProfileType.php:36
actionrest_api_initsrc\restapi\REST_DuplicatePost_Controller.php:30
actionrest_api_initsrc\restapi\REST_General_Options_Controller.php:40
actionrest_api_initsrc\restapi\REST_Profile_Controller.php:36
actionrest_api_initsrc\restapi\REST_Profile_Export_Controller.php:36
actionrest_api_initsrc\restapi\REST_Profile_Import_Controller.php:36
actionrest_api_initsrc\restapi\REST_Profile_Options_Controller.php:40
Maintenance & Trust

Duplicate Post – duplicate pages, copy content, clone posts Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedMar 27, 2026
PHP min version
Downloads16K

Community Trust

Rating96/100
Number of ratings9
Active installs3K
Alternatives

Duplicate Post – duplicate pages, copy content, clone posts Alternatives

Duplicate Post

Duplicate Post

copy-delete-posts

A
99

Duplicate post

300K 2 CVEs
Quick Copy – Duplicate Posts & Pages

Quick Copy – Duplicate Posts & Pages

duplicator-post-page

A
100

Easily duplicate any post or page, including all metadata and taxonomies, with just one click.

1K No CVEs
Duplicate Post and Clone Page

Duplicate Post and Clone Page

duplicate-post-and-clone-page

A
92

One click duplicate post and page. The best solution for easy copy page and post. It just works!

10 No CVEs
Copy it

Copy it

copy-it

A
100

Copy it

0 No CVEs
Clone Posts

Clone Posts

clone-posts

A
100

Easily clone (duplicate) Posts, Pages and Custom Post Types, including their custom fields (post_meta)

10K No CVEs
Developer Profile

Duplicate Post – duplicate pages, copy content, clone posts Developer Profile

rbplugins

8 plugins · 108K total installs

92
trust score
Avg Security Score
97/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Duplicate Post – duplicate pages, copy content, clone posts

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/duplicate-post-rb/assets/js/main.js
Script Paths
/wp-content/plugins/duplicate-post-rb/assets/js/main.js
Version Parameters
duplicate-post-rb/style.css?ver=duplicate-post-rb/assets/js/main.js?ver=

HTML / DOM Fingerprints

CSS Classes
rbDuplicatePostOptions
HTML Comments
RB Duplicate Post Contact: https://robosoft.co Created: 2025 Licensed under the GPLv3 license - http://www.gnu.org/licenses/gpl-3.0.html
Data Attributes
rbDuplicatePost_id
JS Globals
window.rb_duplicate_post_options_urlwindow.rb_duplicate_post
FAQ

Frequently Asked Questions about Duplicate Post – duplicate pages, copy content, clone posts