Description: Unauthenticated Arbitrary File Download Affected Plugin: Duplicator Affected Versions: <= 1.3.26 CVE ID: CVE-2020-11738 CVSS Score: 7.5 (High) CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Patched Version: 1.3.28 A critical security update was recently issued for Duplicator, one of the most popular plugins in the WordPress ecosystem. Over a million WordPress sites were affected by a vulnerability allowing … Continue reading Active Attack on Recently Patched Duplicator Plugin Vulnerability Affects Over 1 Million Sites