CVE-2020-11738

WordPress Snap Creek Duplicator plugin contains a file download vulnerability when an administrator creates a new copy of their site that allows an attacker to download the generated files from their Wordpress dashboard. This vulnerability affects Duplicator and Dulplicator Pro. Vendor/Product: WordPress Snap Creek Duplicator Plugin. Added to CISA KEV 2021-11-03; required action: Apply updates per vendor instructions.