FastDup – Fastest WordPress Migration & Duplicator — Vulnerabilities & Security Advisories 3

All 3 CVE vulnerabilities found in FastDup – Fastest WordPress Migration & Duplicator, with AI-generated Chinese analysis, references, and POCs.

Vendor: Ninja Team

CVE ID	Title	CVSS	Severity	Published
CVE-2026-1104	FastDup – Fastest WordPress Migration & Duplicator <= 2.7.1 - Missing Authorization to Authenticated (Contributor+) Backup Creation and Download CWE-862	8.8	High	2026-02-12
CVE-2026-0604	FastDup <= 2.7 - Authenticated (Contributor+) Path Traversal via 'dir_path' REST Parameter CWE-22	6.5	Medium	2026-01-06
CVE-2023-51406	WordPress FastDup Plugin <= 2.1.7 is vulnerable to Sensitive Data Exposure CWE-200	5.3	Medium	2024-01-08

All 3 known CVE vulnerabilities affecting FastDup – Fastest WordPress Migration & Duplicator with full Chinese analysis, references, and POCs where available.

Goal Reached Thanks to every supporter — we hit 100%!

FastDup – Fastest WordPress Migration & Duplicator — Vulnerabilities & Security Advisories 3