CVE-2021-21351

Vulnerability Profile Updated 3 months ago
CVE-2021-21351 is a vulnerability that affects the Duplicator plugin for WordPress, specifically versions prior to 1.4.0. This vulnerability allows an attacker with access to a low-privileged account on a targeted site to execute arbitrary code, potentially leading to a full compromise of the website and its data. The flaw exists due to insufficient input validation in the import function of the plugin, which can be exploited by an attacker to upload a malicious file to the server.

The vulnerability was first reported to the Duplicator development team on March 10, 2021, and a patch was released on April 22, 2021, in version 1.4.0 of the plugin. However, due to the widespread use of the plugin, many websites remained vulnerable even after the patch was released. In June 2021, the Wordfence Threat Intelligence team identified active exploitation attempts targeting sites using vulnerable versions of the Duplicator plugin.

Website administrators are advised to update the Duplicator plugin to version 1.4.0 or later as soon as possible. Additionally, it is recommended to review the list of users with access to the plugin and remove any unnecessary accounts with low privileges. As always, it is important to maintain regular backups of website data and implement strong password policies to minimize the impact of any potential security incidents.
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Associated Malware
No associations to display
Associated Threat Actors
No associations to display
Associated Vulnerabilities
No associations to display
Source Document References
Information about the CVE-2021-21351 vulnerability was read from the documents corpus below.
Source | Created At | Title
CERT-EU | a year ago | Multiple vulnerabilities in IBM Security Verify Governance