[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fzw8sXmGD3vwMj6Tk5VVbr79JnfWLSyhqCVamPoCS7YY":3},{"id":4,"url_slug":5,"title":6,"description":7,"plugin_slug":8,"theme_slug":9,"affected_versions":10,"patched_in_version":11,"severity":12,"cvss_score":13,"cvss_vector":14,"vuln_type":15,"published_date":16,"updated_date":17,"references":18,"days_to_patch":20},"CVE-2018-25095","duplicator-unauthenticated-remote-code-execution","Duplicator \u003C 1.3.0 - Unauthenticated Remote Code Execution","The Duplicator – WordPress Migration & Backup Plugin plugin for WordPress is vulnerable to Remote Code Execution in all versions up to 1.3.0 (exclusive) via the\u002Finstaller.php file. This is due to plugin not properly cleaning up the installer.php file upon completion of the script. This makes it possible for unauthenticated attackers to execute code on the server.","duplicator",null,"\u003C1.3.0","1.3.0","critical",9.8,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:H\u002FI:H\u002FA:H","Improper Control of Generation of Code ('Code Injection')","2023-12-15 00:00:00","2024-02-07 13:48:28",[19],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fc5757abd-33dc-4751-bc55-afd944ff2341?source=api-prod",55]