CVE-2016-15027

Name of the Vulnerable Software and Affected Versions meta4creations Post Duplicator Plugin version 2.18

Description A vulnerability was found in the meta4creations Post Duplicator Plugin. It has been classified as problematic and affects the function mtphr post duplicator notice of the file includes/notices.php. The manipulation of the argument post-duplicated leads to cross-site scripting. It is possible to launch the attack remotely.

Recommendations For version 2.18, upgrade to version 2.19 to address this issue. As a temporary workaround, consider disabling the mtphr post duplicator notice function until a patch is available. Restrict access to the includes/notices.php file to minimize the risk of exploitation. Avoid using the argument post-duplicated until the issue is resolved.