CVE-2018-7543

Cross-site scripting (XSS) vulnerability in installer/build/view.step4.php of the SnapCreek Duplicator plugin 1.2.32 for WordPress allows remote attackers to inject arbitrary JavaScript or HTML via the json parameter. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt