Is CVE-2020-11738 in the CISA Known Exploited Vulnerabilities catalog?

Yes — CVE-2020-11738 is listed in CISA KEV, remediation due 2022-05-03.

Which frameworks does CVE-2020-11738 affect?

CVE-2020-11738 affects WordPress.

CISA Known Exploited Vulnerability

CVE-2020-11738

WordPress Snap Creek Duplicator plugin contains a file download vulnerability when an administrator creates a new copy of their site that allows an attacker to download the generated files from their

⚠ Actively exploited (CISA KEV) WordPress 2020

CISA catalog entry

Product

Snap Creek Duplicator Plugin

Vendor

WordPress

Added to KEV

2021-11-03

Remediation due

2022-05-03

CVE-2020-11738 is tracked in the CISA Known Exploited Vulnerabilities catalog. WebPulse monitors it as part of its framework security intelligence.

View CVE-2020-11738 on the NIST National Vulnerability Database →

Related vulnerabilities

CVE-2026-8206 CVE-2026-8181 CVE-2026-3844 CVE-2026-10795 CVE-2026-4020 CVE-2026-1293 CVE-2026-8732 CVE-2026-4798