[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$foiLLObw7xNi4diSYMWuKIyTo53Q6F619ulPal3bmbqU":3,"$fMlL2RtIplep8GK23vvxnU9j6y6-mrSpRZWlivyoSzHI":333,"$fgx__Yo9cBPt7bL2vKNj_GmeQw1LTJIxRZG3aLlMd_u8":337},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"discovery_status":31,"vulnerabilities":32,"developer":50,"crawl_stats":38,"alternatives":58,"analysis":165,"fingerprints":301},"multisite-clone-duplicator","MultiSite Clone Duplicator","1.5.3","Globalis","https:\u002F\u002Fprofiles.wordpress.org\u002Fglobalis\u002F","\u003Cp>MultiSite Clone Duplicator adds a “Duplicate Site” functionality to your network installation.\u003C\u002Fp>\n\u003Cp>It allows you to clone any site of your network into a new one : all data, files, users and roles can be copied.\u003C\u002Fp>\n\u003Cp>It is useful when you want to create multiple sites from the same template : Don’t waste your time copying the same configuration again and again !\u003C\u002Fp>\n\u003Cp>Simple and user-friendly, this plugin extends WordPress core network’s functionalities without polluting the dashboard.\u003C\u002Fp>\n\u003Cp>WARNING : If you clone the primary site, you must use \u003Ccode>mucd_default_primary_tables_to_copy\u003C\u002Fcode> filter to declare plugins and custom database tables, or your cloned site won’t be complete\u003C\u002Fp>\n\u003Ch4>Features:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Clones any site of your wordpress multisite installation\u003C\u002Fli>\n\u003Cli>Copies all posts and settings\u003C\u002Fli>\n\u003Cli>Generates log files (if option is checked)\u003C\u002Fli>\n\u003Cli>Copy all files from duplicated site (if option is checked)\u003C\u002Fli>\n\u003Cli>Keep users and roles from duplicated site (if option is checked)\u003C\u002Fli>\n\u003Cli>Configure which site is clonable (so you can define an unique “pattern” site)\u003C\u002Fli>\n\u003Cli>Fully hookable\u003C\u002Fli>\n\u003Cli>Command line ready (provides a WP-CLI subcommand)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Hooks\u003C\u002Fh3>\n\u003Ch4>Action : mucd_before_copy_files \u002F mucd_after_copy_files\u003C\u002Fh4>\n\u003Cp>Action before \u002F after copying files\u003Cbr \u002F>\n\u003Cstrong>Args :\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Col>\n\u003Cli>Int : from_site_id\u003C\u002Fli>\n\u003Cli>Int : to_site_id\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Action : mucd_before_copy_data \u002F mucd_after_copy_data\u003C\u002Fh4>\n\u003Cp>Action before \u002F after copying data\u003Cbr \u002F>\n\u003Cstrong>Args :\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Col>\n\u003Cli>Int : from_site_id\u003C\u002Fli>\n\u003Cli>Int : to_site_id\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Action : mucd_before_copy_users \u002F mucd_after_copy_users\u003C\u002Fh4>\n\u003Cp>Action before \u002F after copying users\u003Cbr \u002F>\n\u003Cstrong>Args :\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Col>\n\u003Cli>Int : from_site_id\u003C\u002Fli>\n\u003Cli>Int : to_site_id\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Filter : mucd_copy_blog_data_saved_options\u003C\u002Fh4>\n\u003Cp>Filter options that should be preserved in the new blog (original values from created blog will not be erased by copy of old site’s tables)\u003Cbr \u002F>\n\u003Cstrong>Args :\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Col>\n\u003Cli>Array of string : option_name\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Filter : mucd_default_fields_to_update\u003C\u002Fh4>\n\u003Cp>Filter fields to scan for an update after data copy\u003Cbr \u002F>\n\u003Cstrong>Args :\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Col>\n\u003Cli>Array of ( ‘table_name’ => array(‘field_1’, ‘field_2’ …));\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Filter : mucd_default_primary_tables_to_copy\u003C\u002Fh4>\n\u003Cp>Filter tables to duplicate when duplicated site is primary site\u003Cbr \u002F>\n\u003Cstrong>Args :\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Col>\n\u003Cli>Array of string table_name\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Filter : mucd_copy_dirs\u003C\u002Fh4>\n\u003Cp>Filter directories and files you want to copy\u003Cbr \u002F>\n\u003Cstrong>Args :\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Col>\n\u003Cli>Array of string : dirs\u003C\u002Fli>\n\u003Cli>Int : from_site_id\u003C\u002Fli>\n\u003Cli>Int : to_site_id\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Filter : mucd_string_to_replace\u003C\u002Fh4>\n\u003Cp>Filter which strings we want to replace during update\u003Cbr \u002F>\n\u003Cstrong>Args :\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Col>\n\u003Cli>String : string_to_replace\u003C\u002Fli>\n\u003Cli>Int : from_site_id\u003C\u002Fli>\n\u003Cli>Int : to_site_id\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>WP-CLI arguments\u003C\u002Fh3>\n\u003Cp>Arguments are :\u003C\u002Fp>\n\u003Cpre>\u003Ccode>wp site duplicate --slug=\u003Cslug> --source=\u003Csite_id> [--title=\u003Ctitle>]\n  [--email=\u003Cemail>] [--network_id=\u003Cnetwork-id>] [--private] [--porcelain] [--v]\n  [--do_not_copy_files] [--keep_users] [--log=\u003Cdir_path>]\u003Ch3>Thank’s\u003C\u002Fh3>\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>The original version of this plugin has been developed by \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FjulienOG\" rel=\"nofollow ugc\">Julien OGER\u003C\u002Fa> who keeps following the project carefully.\u003C\u002Fp>\n\u003Cp>Some code for search and replace in SQL serialised data were initialy taken from \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Flpointet\u002Fwordpress_migration\" rel=\"nofollow ugc\">Lionel Pointet WordPress Migration tool\u003C\u002Fa>\u003C\u002Fp>\n","Clones an existing site into a new one in a multisite installation : copies all posts, settings and files",100,242234,88,87,"2018-11-29T16:36:00.000Z","5.0.0","4.0.0","",[20,21,22,23,24],"clone","copy","duplicate","duplication","duplicator","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fmultisite-clone-duplicator\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmultisite-clone-duplicator.1.5.3.zip",63,1,"2025-08-29 00:00:00","2026-04-16T10:56:18.058Z","no_bundle",[33],{"id":34,"url_slug":35,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":38,"severity":40,"cvss_score":41,"cvss_vector":42,"vuln_type":43,"published_date":29,"updated_date":44,"references":45,"days_to_patch":38,"patch_diff_files":47,"patch_trac_url":38,"research_status":38,"research_verified":48,"research_rounds_completed":49,"research_plan":38,"research_summary":38,"research_vulnerable_code":38,"research_fix_diff":38,"research_exploit_outline":38,"research_model_used":38,"research_started_at":38,"research_completed_at":38,"research_error":38,"poc_status":38,"poc_video_id":38,"poc_summary":38,"poc_steps":38,"poc_tested_at":38,"poc_wp_version":38,"poc_php_version":38,"poc_playwright_script":38,"poc_exploit_code":38,"poc_has_trace":48,"poc_model_used":38,"poc_verification_depth":38},"CVE-2025-52760","multisite-clone-duplicator-reflected-cross-site-scripting","MultiSite Clone Duplicator \u003C= 1.5.3 - Reflected Cross-Site Scripting","The MultiSite Clone Duplicator plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 1.5.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.",null,"\u003C=1.5.3","medium",6.1,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2025-10-29 21:05:43",[46],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F3e9bdb9d-bffe-4f6f-bb91-3dc5f7009f68?source=api-prod",[],false,0,{"slug":51,"display_name":7,"profile_url":8,"plugin_count":52,"total_installs":53,"avg_security_score":54,"avg_patch_time_days":55,"trust_score":56,"computed_at":57},"globalis",4,6140,85,30,84,"2026-05-20T09:19:25.513Z",[59,84,104,125,143],{"slug":60,"name":61,"version":62,"author":63,"author_profile":64,"description":65,"short_description":66,"active_installs":67,"downloaded":68,"rating":69,"num_ratings":70,"last_updated":71,"tested_up_to":72,"requires_at_least":73,"requires_php":18,"tags":74,"homepage":80,"download_link":81,"security_score":82,"vuln_count":70,"unpatched_count":49,"last_vuln_date":83,"fetched_at":30},"wp-quick-post-duplicator","WP Quick Post Duplicator","2.2","Arul Prasad J","https:\u002F\u002Fprofiles.wordpress.org\u002Farulprasadj\u002F","\u003Cp>This plugin allows you to clone\u002Fduplicate posts of any type for further editing.\u003C\u002Fp>\n\u003Cp>Custom post types are supported, along with custom taxonomies and custom fields.\u003C\u002Fp>\n\u003Cp>Hover over a post in the edit screen and click on  “Duplicate This Item” to create a duplicate\u002Fclone post.\u003C\u002Fp>\n\u003Cp>Plugin uses standard actions and filters only.\u003C\u002Fp>\n\u003Cp>If you love this plugin, \u003Ca href=\"https:\u002F\u002Fpaypal.me\u002Farulprasadj?locale.x=en_GB\" rel=\"nofollow ugc\">buy me a cup of coffee\u003C\u002Fa>\u003C\u002Fp>\n","Copy or Duplicate any post types, including pages, taxonomies & custom fields with a single click.",3000,22188,60,2,"2026-01-01T16:08:00.000Z","6.8.5","3.0",[75,76,77,78,79],"clone-page","copy-post","wordpress-page-duplicate","wordpress-page-duplicator","wordpress-post-duplicate","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-quick-post-duplicator\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-quick-post-duplicator.2.2.zip",98,"2026-01-08 00:00:00",{"slug":85,"name":86,"version":87,"author":88,"author_profile":89,"description":90,"short_description":91,"active_installs":92,"downloaded":93,"rating":11,"num_ratings":94,"last_updated":95,"tested_up_to":96,"requires_at_least":97,"requires_php":18,"tags":98,"homepage":18,"download_link":103,"security_score":54,"vuln_count":49,"unpatched_count":49,"last_vuln_date":38,"fetched_at":30},"wp-widget-clipboard","WP Widget Clipboard – Duplicate widgets intuitively","1.2.15","owlwpplugins","https:\u002F\u002Fprofiles.wordpress.org\u002Fowlwpplugins\u002F","\u003Cp>Duplicate multiple widgets by drag & drop. so you can intuitively copy and paste widgets.\u003C\u002Fp>\n\u003Cp>It is hard to copy widgets one by one manually. Using this plugin makes duplicating widgets very easy.\u003C\u002Fp>\n\u003Cp>Widgets duplication procedure is the following :\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Select multiple widgets you want to copy.\u003C\u002Fli>\n\u003Cli>Then drag and drop “Coied Widget” which in clipboard to any position.\u003C\u002Fli>\n\u003Cli>Selected widgets is duplicated at that location.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Or, you can duplicate widgets individually.\u003C\u002Fp>\n\u003Cp>For more detailed usage, install this plugin and read usage manual by opening “Settings” -> “WP Widget Clipboard” from the menu.\u003C\u002Fp>\n","Duplicate multiple widgets by drag & drop.",800,8876,5,"2019-11-28T04:42:00.000Z","5.3.21","3.3",[20,99,100,101,102],"copy-widgets","duplicate-widget-plugin","duplicate-widgets","widget-duplicator","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-widget-clipboard.zip",{"slug":105,"name":106,"version":107,"author":108,"author_profile":109,"description":110,"short_description":111,"active_installs":112,"downloaded":113,"rating":114,"num_ratings":115,"last_updated":116,"tested_up_to":117,"requires_at_least":118,"requires_php":119,"tags":120,"homepage":121,"download_link":122,"security_score":123,"vuln_count":52,"unpatched_count":49,"last_vuln_date":124,"fetched_at":30},"duplicate-post","Yoast Duplicate Post","4.6","Yoast","https:\u002F\u002Fprofiles.wordpress.org\u002Fyoast\u002F","\u003Cp>This plugin allows users to clone posts of any type, or copy them to new drafts for further editing.\u003C\u002Fp>\n\u003Cp>How it works:\u003C\u002Fp>\n\u003Col>\n\u003Cli>\n\u003Cp>In ‘Edit Posts’\u002F’Edit Pages’, you can click on ‘Clone’ link below the post\u002Fpage title: this will immediately create a copy and return to the list.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>In ‘Edit Posts’\u002F’Edit Pages’, you can select one or more items, then choose ‘Clone’ in the ‘Bulk Actions’ dropdown to copy them all at once.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>In ‘Edit Posts’\u002F’Edit Pages’, you can click on ‘New Draft’ link below the post\u002Fpage title.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>On the post edit screen, you can click on ‘Copy to a new draft’ above “Cancel”\u002F”Move to trash” or in the admin bar.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>While viewing a post as a logged in user, you can click on ‘Copy to a new draft’ in the admin bar.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>3, 4 and 5 will lead to the edit page for the new draft: change what you want, click on ‘Publish’ and you’re done.\u003C\u002Fp>\n\u003Cp>There is also a \u003Cstrong>template tag\u003C\u002Fstrong>, so you can put it in your templates and clone your posts\u002Fpages from the front-end. Clicking on the link will lead you to the edit page for the new draft, just like the admin bar link.\u003C\u002Fp>\n\u003Cp>Duplicate Post has many useful settings to customize its behavior and restrict its use to certain roles or post types. Check out the extensive documentation on \u003Ca href=\"https:\u002F\u002Fyoast.com\u002Fwordpress\u002Fplugins\u002Fduplicate-post\u002F\" rel=\"nofollow ugc\">yoast.com\u003C\u002Fa> and our \u003Ca href=\"https:\u002F\u002Fdeveloper.yoast.com\u002Fduplicate-post\u002Foverview\u002F\" rel=\"nofollow ugc\">developer docs\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Contribute\u003C\u002Fh3>\n\u003Cp>If you find this useful and if you want to contribute, there are two ways:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Submit your bug reports, suggestions and requests for features on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FYoast\u002Fduplicate-post\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>;\u003C\u002Fli>\n\u003Cli>If you want to translate it to your language (there are just a few lines of text), you can use the \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fduplicate-post\" rel=\"nofollow ugc\">translation project\u003C\u002Fa>;\u003C\u002Fli>\n\u003C\u002Fol>\n","The go-to tool for cloning posts and pages, including the powerful Rewrite & Republish feature.",4000000,38996013,94,529,"2026-03-09T10:34:00.000Z","6.9.4","6.8","7.4",[20,21,105],"https:\u002F\u002Fyoast.com\u002Fwordpress\u002Fplugins\u002Fduplicate-post\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fduplicate-post.4.6.zip",90,"2026-03-17 20:54:49",{"slug":126,"name":127,"version":128,"author":129,"author_profile":130,"description":131,"short_description":132,"active_installs":133,"downloaded":134,"rating":135,"num_ratings":136,"last_updated":137,"tested_up_to":117,"requires_at_least":138,"requires_php":18,"tags":139,"homepage":141,"download_link":142,"security_score":11,"vuln_count":49,"unpatched_count":49,"last_vuln_date":38,"fetched_at":30},"duplicate-menu","Duplicate Menu","0.2.3","Jon Christopher","https:\u002F\u002Fprofiles.wordpress.org\u002Fjchristopher\u002F","\u003Cp>Some WordPress installs use very elaborate navigation systems powered by core Menus. They’re a fantastic feature that can often make or break a theme. Menus aren’t very portable out of the box, however. If you’re looking to make a change to a Menu you’re pretty much working live without a quick way to revert back to an old version. That’s where Duplicate Menu comes in.\u003C\u002Fp>\n\u003Cp>Duplicate Menu will allow you to create a second (or third, or fourth, etc.) copy of an existing Menu to do with what you will. It generates the clone on a programmatic level and recreates all necessary relationships to ensure the structure is retained as well.\u003C\u002Fp>\n\u003Cp>Find out more information in my \u003Ca href=\"https:\u002F\u002Fjonchristopher.us\u002Fblog\u002Fwordpress-plugin-duplicate-menu\u002F\" rel=\"nofollow ugc\">explanatory article on Duplicate Menu\u003C\u002Fa>\u003C\u002Fp>\n","Easily duplicate your WordPress menus with one click.",100000,582334,92,104,"2025-12-30T15:25:00.000Z","3.4.2",[20,21,22,140],"menu","https:\u002F\u002Fgithub.com\u002Fjchristopher\u002Fduplicate-menu","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fduplicate-menu.0.2.3.zip",{"slug":144,"name":145,"version":146,"author":147,"author_profile":148,"description":149,"short_description":150,"active_installs":151,"downloaded":152,"rating":114,"num_ratings":153,"last_updated":154,"tested_up_to":155,"requires_at_least":156,"requires_php":157,"tags":158,"homepage":162,"download_link":163,"security_score":82,"vuln_count":70,"unpatched_count":49,"last_vuln_date":164,"fetched_at":30},"page-or-post-clone","Fast Page & Post Duplicator","9.3","carlosfazenda","https:\u002F\u002Fprofiles.wordpress.org\u002Fcarlosfazenda\u002F","\u003Cp>The Fast Page & Post Duplicator plugin lets you make a copy of any post or page in WordPress with one click.\u003C\u002Fp>\n\u003Cp>It makes a copy of the original content so you can use the same layouts, formatting and structure again without having to start from scratch.\u003C\u002Fp>\n\u003Cp>This plugin is simple and fast. It makes managing content easier.\u003C\u002Fp>\n\u003Cp>It is great for:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Using the same page layouts\u003C\u002Fli>\n\u003Cli>Making versions of landing pages\u003C\u002Fli>\n\u003Cli>Copying posts to update or translate them\u003C\u002Fli>\n\u003Cli>Making copies of templates quickly\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cp>✔ Duplicate posts with one click\u003Cbr \u002F>\n✔ Duplicate pages with one click\u003Cbr \u002F>\n✔ It copies the content, title and settings\u003Cbr \u002F>\n✔ Keeps the structure and formatting as the original post\u003Cbr \u002F>\n✔ Fast and simple\u003Cbr \u002F>\n✔ With a simple interface in the WordPress post list\u003C\u002Fp>\n\u003Cp>New things in recent versions:\u003C\u002Fp>\n\u003Cp>✔ See what you have cloned recently\u003Cbr \u002F>\n✔ View statistics on who is cloning what\u003Cbr \u002F>\n✔ Check history of all the clones you have made\u003C\u002Fp>\n\u003Ch3>How it works\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Install and activate the Fast Page & Post Duplicator plugin.\u003C\u002Fli>\n\u003Cli>Go to \u003Cstrong>Posts \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> All Posts\u003C\u002Fstrong> or \u003Cstrong>Pages \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> All Pages\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>Move your mouse over any item in the list.\u003C\u002Fli>\n\u003Cli>Click \u003Cstrong>Clone\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>The copied content will open as a \u003Cstrong>draft\u003C\u002Fstrong>. You can edit and publish it.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Why use Fast Page & Post Duplicator?\u003C\u002Fh3>\n\u003Cp>Making pages from scratch can take a time.\u003C\u002Fp>\n\u003Cp>With the Fast Page & Post Duplicator plugin you can make a copy of existing content. Change it which saves you time and makes sure your site looks consistent.\u003C\u002Fp>\n\u003Cp>The Fast Page & Post Duplicator plugin works with the WordPress admin interface and does not need any special setup.\u003C\u002Fp>\n","Make a copy of posts and pages with just one click.",60000,631409,13,"2026-03-06T14:39:00.000Z","6.7.5","4.5","5.6",[75,159,105,160,161],"clone-post","page","post-duplicator","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fpage-or-post-clone\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpage-or-post-clone.zip","2026-03-04 19:00:38",{"attackSurface":166,"codeSignals":206,"taintFlows":256,"riskAssessment":291,"analyzedAt":300},{"hooks":167,"ajaxHandlers":198,"restRoutes":203,"shortcodes":204,"cronEvents":205,"entryPointCount":28,"unprotectedCount":49},[168,174,177,183,187,191,195],{"type":169,"name":170,"callback":171,"file":172,"line":173},"action","network_admin_menu","network_menu_add_duplicate","include\\admin.php",15,{"type":169,"name":175,"callback":175,"file":172,"line":176},"admin_init",17,{"type":178,"name":179,"callback":180,"priority":181,"file":172,"line":182},"filter","manage_sites_action_links","add_site_row_action",10,28,{"type":169,"name":184,"callback":185,"priority":186,"file":172,"line":55},"admin_bar_menu","admin_network_menu_bar",300,{"type":169,"name":188,"callback":189,"file":172,"line":190},"wpmu_options","admin_network_option_page",32,{"type":169,"name":192,"callback":193,"file":172,"line":194},"wpmuadminedit","save_admin_network_option_page",34,{"type":169,"name":175,"callback":196,"file":197,"line":27},"check_if_multisite","multisite-clone-duplicator.php",[199],{"action":200,"nopriv":48,"callback":200,"hasNonce":201,"hasCapCheck":48,"file":172,"line":202},"mucd_fetch_sites",true,20,[],[],[],{"dangerousFunctions":207,"sqlUsage":208,"outputEscaping":210,"fileOperations":49,"externalRequests":49,"nonceChecks":251,"capabilityChecks":70,"bundledLibraries":252},[],{"prepared":70,"raw":49,"locations":209},[],{"escaped":181,"rawEcho":202,"locations":211},[212,215,217,219,221,223,225,227,229,232,234,236,237,239,240,242,244,245,247,249],{"file":172,"line":213,"context":214},317,"raw output",{"file":172,"line":216,"context":214},318,{"file":172,"line":218,"context":214},332,{"file":172,"line":220,"context":214},338,{"file":172,"line":222,"context":214},341,{"file":172,"line":224,"context":214},342,{"file":172,"line":226,"context":214},343,{"file":172,"line":228,"context":214},345,{"file":230,"line":231,"context":214},"template\\network_admin_duplicate_site.php",16,{"file":230,"line":233,"context":214},23,{"file":230,"line":235,"context":214},31,{"file":230,"line":235,"context":214},{"file":230,"line":238,"context":214},33,{"file":230,"line":238,"context":214},{"file":230,"line":241,"context":214},42,{"file":230,"line":243,"context":214},49,{"file":230,"line":69,"context":214},{"file":230,"line":246,"context":214},82,{"file":248,"line":176,"context":214},"template\\network_admin_network_settings.php",{"file":248,"line":250,"context":214},48,3,[253],{"name":254,"version":38,"knownCves":255},"Select2",[],[257,274],{"entryPoint":258,"graph":259,"unsanitizedCount":49,"severity":273},"mucd_fetch_sites (include\\admin.php:216)",{"nodes":260,"edges":271},[261,266],{"id":262,"type":263,"label":264,"file":172,"line":265},"n0","source","$_GET['q']",245,{"id":267,"type":268,"label":269,"file":172,"line":265,"wp_function":270},"n1","sink","get_results() [SQLi]","get_results",[272],{"from":262,"to":267,"sanitized":201},"low",{"entryPoint":275,"graph":276,"unsanitizedCount":49,"severity":273},"\u003Cadmin> (include\\admin.php:0)",{"nodes":277,"edges":288},[278,279,280,284],{"id":262,"type":263,"label":264,"file":172,"line":265},{"id":267,"type":268,"label":269,"file":172,"line":265,"wp_function":270},{"id":281,"type":263,"label":282,"file":172,"line":283},"n2","$_GET (x2)",109,{"id":285,"type":268,"label":286,"file":172,"line":218,"wp_function":287},"n3","echo() [XSS]","echo",[289,290],{"from":262,"to":267,"sanitized":201},{"from":281,"to":285,"sanitized":201},{"summary":292,"deductions":293},"The multisite-clone-duplicator plugin v1.5.3 presents a mixed security profile. On the positive side, it demonstrates good practices by implementing nonce checks and capability checks for its entry points. The absence of file operations and external HTTP requests also reduces the attack surface. Furthermore, all SQL queries are secured using prepared statements, which is a significant strength. However, a notable concern is the low percentage of properly escaped output (33%). This suggests a potential for Cross-Site Scripting (XSS) vulnerabilities, especially given the plugin's history of a medium-severity XSS CVE.\n\nThe vulnerability history indicates a pattern of past security weaknesses, specifically in improper input neutralization leading to XSS. The fact that one medium-severity CVE remains unpatched is a significant risk. While the static analysis didn't reveal critical taint flows or unsanitized paths, the unpatched XSS vulnerability combined with the low output escaping rate warrants careful attention. The plugin has a small attack surface with only one AJAX handler, and it is protected, which is good. However, the unpatched vulnerability is the most pressing issue, overshadowing the otherwise decent code security practices.",[294,297],{"reason":295,"points":296},"Unpatched medium severity CVE",18,{"reason":298,"points":299},"Low percentage of properly escaped output",7,"2026-03-16T20:59:17.888Z",{"wat":302,"direct":313},{"assetPaths":303,"generatorPatterns":307,"scriptPaths":308,"versionParams":309},[304,305,306],"\u002Fwp-content\u002Fplugins\u002Fmultisite-clone-duplicator\u002Fcss\u002Fadmin.css","\u002Fwp-content\u002Fplugins\u002Fmultisite-clone-duplicator\u002Fjs\u002Fselect2.min.js","\u002Fwp-content\u002Fplugins\u002Fmultisite-clone-duplicator\u002Fjs\u002Fmucd-admin.js",[],[305,306],[310,311,312],"multisite-clone-duplicator\u002Fcss\u002Fadmin.css?ver=","multisite-clone-duplicator\u002Fjs\u002Fselect2.min.js?ver=","multisite-clone-duplicator\u002Fjs\u002Fmucd-admin.js?ver=",{"cssClasses":314,"htmlComments":323,"htmlAttributes":324,"restEndpoints":327,"jsGlobals":328,"shortcodeOutput":332},[315,316,317,318,319,320,321,322],"mucd-notice-error","mucd-notice-success","mucd-button-duplicate","mucd-disabled","select2-container","select2-container--default","select2-container--below","select2-container--open",[],[325,326],"data-mucd-action","data-mucd-confirm",[],[329,330,331],"mucd_ajaxurl","mucd_site_list","mucd_source_site",[],{"error":201,"url":334,"statusCode":335,"statusMessage":336,"message":336},"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fmultisite-clone-duplicator\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":338,"versions":339},14,[340,346,354,362,370,378,386,394,402,410,418,426,434,442],{"version":6,"download_url":26,"svn_tag_url":341,"released_at":38,"has_diff":48,"diff_files_changed":342,"diff_lines":38,"trac_diff_url":343,"vulnerabilities":344,"is_current":201},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fmultisite-clone-duplicator\u002Ftags\u002F1.5.3\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fmultisite-clone-duplicator%2Ftags%2F1.5.2&new_path=%2Fmultisite-clone-duplicator%2Ftags%2F1.5.3",[345],{"id":34,"url_slug":35,"title":36,"severity":40,"cvss_score":41,"vuln_type":43,"patched_in_version":38},{"version":347,"download_url":348,"svn_tag_url":349,"released_at":38,"has_diff":48,"diff_files_changed":350,"diff_lines":38,"trac_diff_url":351,"vulnerabilities":352,"is_current":48},"1.5.2","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmultisite-clone-duplicator.1.5.2.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fmultisite-clone-duplicator\u002Ftags\u002F1.5.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fmultisite-clone-duplicator%2Ftags%2F1.5.1&new_path=%2Fmultisite-clone-duplicator%2Ftags%2F1.5.2",[353],{"id":34,"url_slug":35,"title":36,"severity":40,"cvss_score":41,"vuln_type":43,"patched_in_version":38},{"version":355,"download_url":356,"svn_tag_url":357,"released_at":38,"has_diff":48,"diff_files_changed":358,"diff_lines":38,"trac_diff_url":359,"vulnerabilities":360,"is_current":48},"1.5.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmultisite-clone-duplicator.1.5.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fmultisite-clone-duplicator\u002Ftags\u002F1.5.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fmultisite-clone-duplicator%2Ftags%2F1.5.0&new_path=%2Fmultisite-clone-duplicator%2Ftags%2F1.5.1",[361],{"id":34,"url_slug":35,"title":36,"severity":40,"cvss_score":41,"vuln_type":43,"patched_in_version":38},{"version":363,"download_url":364,"svn_tag_url":365,"released_at":38,"has_diff":48,"diff_files_changed":366,"diff_lines":38,"trac_diff_url":367,"vulnerabilities":368,"is_current":48},"1.5.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmultisite-clone-duplicator.1.5.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fmultisite-clone-duplicator\u002Ftags\u002F1.5.0\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fmultisite-clone-duplicator%2Ftags%2F1.4.1&new_path=%2Fmultisite-clone-duplicator%2Ftags%2F1.5.0",[369],{"id":34,"url_slug":35,"title":36,"severity":40,"cvss_score":41,"vuln_type":43,"patched_in_version":38},{"version":371,"download_url":372,"svn_tag_url":373,"released_at":38,"has_diff":48,"diff_files_changed":374,"diff_lines":38,"trac_diff_url":375,"vulnerabilities":376,"is_current":48},"1.4.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmultisite-clone-duplicator.1.4.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fmultisite-clone-duplicator\u002Ftags\u002F1.4.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fmultisite-clone-duplicator%2Ftags%2F1.4.0&new_path=%2Fmultisite-clone-duplicator%2Ftags%2F1.4.1",[377],{"id":34,"url_slug":35,"title":36,"severity":40,"cvss_score":41,"vuln_type":43,"patched_in_version":38},{"version":379,"download_url":380,"svn_tag_url":381,"released_at":38,"has_diff":48,"diff_files_changed":382,"diff_lines":38,"trac_diff_url":383,"vulnerabilities":384,"is_current":48},"1.4.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmultisite-clone-duplicator.1.4.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fmultisite-clone-duplicator\u002Ftags\u002F1.4.0\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fmultisite-clone-duplicator%2Ftags%2F1.3.3&new_path=%2Fmultisite-clone-duplicator%2Ftags%2F1.4.0",[385],{"id":34,"url_slug":35,"title":36,"severity":40,"cvss_score":41,"vuln_type":43,"patched_in_version":38},{"version":387,"download_url":388,"svn_tag_url":389,"released_at":38,"has_diff":48,"diff_files_changed":390,"diff_lines":38,"trac_diff_url":391,"vulnerabilities":392,"is_current":48},"1.3.3","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmultisite-clone-duplicator.1.3.3.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fmultisite-clone-duplicator\u002Ftags\u002F1.3.3\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fmultisite-clone-duplicator%2Ftags%2F1.3.2&new_path=%2Fmultisite-clone-duplicator%2Ftags%2F1.3.3",[393],{"id":34,"url_slug":35,"title":36,"severity":40,"cvss_score":41,"vuln_type":43,"patched_in_version":38},{"version":395,"download_url":396,"svn_tag_url":397,"released_at":38,"has_diff":48,"diff_files_changed":398,"diff_lines":38,"trac_diff_url":399,"vulnerabilities":400,"is_current":48},"1.3.2","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmultisite-clone-duplicator.1.3.2.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fmultisite-clone-duplicator\u002Ftags\u002F1.3.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fmultisite-clone-duplicator%2Ftags%2F1.3.1&new_path=%2Fmultisite-clone-duplicator%2Ftags%2F1.3.2",[401],{"id":34,"url_slug":35,"title":36,"severity":40,"cvss_score":41,"vuln_type":43,"patched_in_version":38},{"version":403,"download_url":404,"svn_tag_url":405,"released_at":38,"has_diff":48,"diff_files_changed":406,"diff_lines":38,"trac_diff_url":407,"vulnerabilities":408,"is_current":48},"1.3.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmultisite-clone-duplicator.1.3.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fmultisite-clone-duplicator\u002Ftags\u002F1.3.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fmultisite-clone-duplicator%2Ftags%2F1.3&new_path=%2Fmultisite-clone-duplicator%2Ftags%2F1.3.1",[409],{"id":34,"url_slug":35,"title":36,"severity":40,"cvss_score":41,"vuln_type":43,"patched_in_version":38},{"version":411,"download_url":412,"svn_tag_url":413,"released_at":38,"has_diff":48,"diff_files_changed":414,"diff_lines":38,"trac_diff_url":415,"vulnerabilities":416,"is_current":48},"1.3","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmultisite-clone-duplicator.1.3.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fmultisite-clone-duplicator\u002Ftags\u002F1.3\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fmultisite-clone-duplicator%2Ftags%2F1.2&new_path=%2Fmultisite-clone-duplicator%2Ftags%2F1.3",[417],{"id":34,"url_slug":35,"title":36,"severity":40,"cvss_score":41,"vuln_type":43,"patched_in_version":38},{"version":419,"download_url":420,"svn_tag_url":421,"released_at":38,"has_diff":48,"diff_files_changed":422,"diff_lines":38,"trac_diff_url":423,"vulnerabilities":424,"is_current":48},"1.2","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmultisite-clone-duplicator.1.2.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fmultisite-clone-duplicator\u002Ftags\u002F1.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fmultisite-clone-duplicator%2Ftags%2F1.1&new_path=%2Fmultisite-clone-duplicator%2Ftags%2F1.2",[425],{"id":34,"url_slug":35,"title":36,"severity":40,"cvss_score":41,"vuln_type":43,"patched_in_version":38},{"version":427,"download_url":428,"svn_tag_url":429,"released_at":38,"has_diff":48,"diff_files_changed":430,"diff_lines":38,"trac_diff_url":431,"vulnerabilities":432,"is_current":48},"1.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmultisite-clone-duplicator.1.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fmultisite-clone-duplicator\u002Ftags\u002F1.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fmultisite-clone-duplicator%2Ftags%2F1.0&new_path=%2Fmultisite-clone-duplicator%2Ftags%2F1.1",[433],{"id":34,"url_slug":35,"title":36,"severity":40,"cvss_score":41,"vuln_type":43,"patched_in_version":38},{"version":435,"download_url":436,"svn_tag_url":437,"released_at":38,"has_diff":48,"diff_files_changed":438,"diff_lines":38,"trac_diff_url":439,"vulnerabilities":440,"is_current":48},"1.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmultisite-clone-duplicator.1.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fmultisite-clone-duplicator\u002Ftags\u002F1.0\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fmultisite-clone-duplicator%2Ftags%2F0.2.0&new_path=%2Fmultisite-clone-duplicator%2Ftags%2F1.0",[441],{"id":34,"url_slug":35,"title":36,"severity":40,"cvss_score":41,"vuln_type":43,"patched_in_version":38},{"version":443,"download_url":444,"svn_tag_url":445,"released_at":38,"has_diff":48,"diff_files_changed":446,"diff_lines":38,"trac_diff_url":38,"vulnerabilities":447,"is_current":48},"0.2.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmultisite-clone-duplicator.0.2.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fmultisite-clone-duplicator\u002Ftags\u002F0.2.0\u002F",[],[448],{"id":34,"url_slug":35,"title":36,"severity":40,"cvss_score":41,"vuln_type":43,"patched_in_version":38}]