Does WP Replicate Post have any unpatched vulnerabilities?

No. All known vulnerabilities in WP Replicate Post have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is WP Replicate Post compatible with WordPress 6.8.5?

According to WordPress.org data, WP Replicate Post 4.2 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

How often is WP Replicate Post updated?

WP Replicate Post was last updated on Oct 24, 2025. Frequent updates are generally a positive security signal.

What is WP Replicate Post's security score?

WP Replicate Post has a WP-Safety security score of 99/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

WP Replicate Post Security & Risk Analysis

wordpress.org/plugins/wp-replicate-post

Replicate any Post, Pages, etc in single click!

100 active installs v4.2 PHP + WP 3.0+ Updated Oct 24, 2025

clonecopyduplicatepagepost

A · Safe

CVEs total1

Unpatched0

Last CVEMay 10, 2023

Plugin page Download

Safety Verdict

Is WP Replicate Post Safe to Use in 2026?

Generally Safe

Score 99/100

WP Replicate Post has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: May 10, 2023Updated 5mo ago

Risk Assessment

The wp-replicate-post plugin v4.2 exhibits a generally positive security posture due to its minimal attack surface and consistent use of prepared statements for SQL queries. The static analysis reveals no critical or high severity taint flows, and the absence of AJAX handlers, REST API routes, and shortcodes without authentication checks is a significant strength. However, the fact that only 50% of output is properly escaped raises a concern for potential cross-site scripting (XSS) vulnerabilities, especially if sensitive data is being outputted. The plugin's history shows one high-severity SQL injection vulnerability, which, while currently patched, indicates a past weakness in handling user input for database operations. The presence of a nonce check is a good practice, but the complete lack of capability checks across its entry points is a notable omission, potentially allowing unauthorized users to interact with the plugin's functions if they can find a way to trigger them.

Key Concerns

Half of output is not properly escaped
No capability checks on entry points
Past high severity SQL injection vulnerability

Vulnerabilities

WP Replicate Post Security Vulnerabilities

CVEs by Year

1 CVE in 2023

2023

Patched Has unpatched

Severity Breakdown

High

1 total CVE

CVE-2023-2237high · 8.8Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

WP Replicate Post <= 4.0.2 - Authenticated (Contributor+) SQL Injection

May 10, 2023 Patched in 4.1 (258d)

Code Analysis

Analyzed Mar 16, 2026

WP Replicate Post Code Analysis

Dangerous Functions

Raw SQL Queries

6 prepared

Unescaped Output

3 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared6 total queries

Output Escaping

50% escaped6 total outputs

Data Flows

All sanitized

Data Flow Analysis

2 flows

replicate_item_save (init\functions.php:147)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

WP Replicate Post Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 9

actionadmin_footer-edit.phpinit\functions.php:15

actioninitinit\functions.php:35

actionadmin_initinit\functions.php:112

filterpost_row_actionsinit\functions.php:120

filterpage_row_actionsinit\functions.php:121

actionadmin_action_replicate_item_saveinit\functions.php:142

filterplugin_action_linksinit\functions.php:214

actionadmin_initinit\replicate_item_option.php:6

actionadmin_menuinit\replicate_item_option.php:24

Maintenance & Trust

WP Replicate Post Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedOct 24, 2025

PHP min version

Downloads3K

Community Trust

Rating0/100

Number of ratings0

Active installs100

Alternatives

WP Replicate Post Alternatives

WP Duplicate Page

wp-duplicate-page

Clone WordPress page, post, custom post types

60K 3 CVEs

Clone Posts

clone-posts

100

Easily clone (duplicate) Posts, Pages and Custom Post Types, including their custom fields (post_meta)

10K No CVEs

Duplicate Post Page Menu & Custom Post Type

duplicate-post-page-menu-custom-post-type

The best plugin to duplicate post, page, menu and custom post type multiple times in a single click.

10K 2 CVEs

WP Quick Post Duplicator

wp-quick-post-duplicator

Copy or Duplicate any post types, including pages, taxonomies & custom fields with a single click.

3K 2 CVEs

Labinator Content Types Duplicator

labinator-content-types-duplicator

Duplicate posts, pages, widgets, menus, and any content types with one click. Copy or clone your content without limitations. It is 100% free!

200 1 unpatched

Developer Profile

WP Replicate Post Developer Profile

Yudiz Solutions Pvt. Ltd.

14 plugins · 6K total installs

trust score

Avg Security Score

96/100

Avg Patch Time

59 days

View full developer profile

Detection Fingerprints

How We Detect WP Replicate Post

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

JS Globals

replicate_item_enable

FAQ