CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-6592 – FastDup – Fastest WordPress Migration & Duplicator < 2.2 - Directory Listing to Account Takeover and Sensitive Data Exposure
https://notcve.org/view.php?id=CVE-2023-6592
16 Jan 2024 — The FastDup WordPress plugin before 2.2 does not prevent directory listing in sensitive directories containing export files. El complemento FastDup de WordPress anterior a 2.2 no impide el listado de directorios en directorios confidenciales que contienen archivos de exportación. The FastDup – Fastest WordPress Migration & Duplicator plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.1.9. This makes it possible for unauthenticated attackers to obtain... • https://research.cleantalk.org/cve-2023-6592-fastdup-database-users-password-leak-poc-exploit • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-51406 – WordPress FastDup Plugin <= 2.1.7 is vulnerable to Sensitive Data Exposure
https://notcve.org/view.php?id=CVE-2023-51406
27 Dec 2023 — Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Ninja Team FastDup – Fastest WordPress Migration & Duplicator.This issue affects FastDup – Fastest WordPress Migration & Duplicator: from n/a through 2.1.7. Exposición de información confidencial a una vulnerabilidad de actor no autorizado en Ninja Team FastDup: duplicador y migración de WordPress más rápido. Este problema afecta a FastDup: duplicador y migración de WordPress más rápido: desde n/a hasta 2.1.7. The FastDup – Fastest ... • https://patchstack.com/database/vulnerability/fastdup/wordpress-fastdup-plugin-2-1-7-sensitive-data-exposure-via-log-file-vulnerability?_s_id=cve • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-532: Insertion of Sensitive Information into Log File •