CVE CVE-2020-11738 Mappings

The Snap Creek Duplicator plugin before 1.3.28 for WordPress (and Duplicator Pro before 3.8.7.1) allows Directory Traversal via ../ in the file parameter to duplicator_download or duplicator_init.

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name
CVE-2020-11738 n/a uncategorized T1190 Exploit Public-Facing Application
CVE-2020-11738 n/a uncategorized T1055 Process Injection