EUVD-2024-33404

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

Backup Migration plugin in WordPress vulnerable to PHP Object Injection in versions up to 1.4.6

Reporter	Title	Published	Views	Family All 10
Circl	CVE-2024-10932	4 Jan 202507:26	–	circl
CNNVD	WordPress plugin Backup Migration 代码问题漏洞	4 Jan 202500:00	–	cnnvd
CVE	CVE-2024-10932	4 Jan 202507:24	–	cve
Cvelist	CVE-2024-10932 Backup Migration <= 1.4.6 - Unauthenticated PHP Object Injection via 'recursive_unserialize_replace'	4 Jan 202507:24	–	cvelist
NVD	CVE-2024-10932	4 Jan 202508:15	–	nvd
Patchstack	WordPress Backup Migration plugin <= 1.4.6 - Unauthenticated PHP Object Injection via 'recursive_unserialize_replace' vulnerability	3 Jan 202522:06	–	patchstack
Positive Technologies	PT-2025-1614 · WordPress · Backup Migration Plugin	4 Jan 202500:00	–	ptsecurity
RedhatCVE	CVE-2024-10932	5 Feb 202505:13	–	redhatcve
Vulnrichment	CVE-2024-10932 Backup Migration <= 1.4.6 - Unauthenticated PHP Object Injection via 'recursive_unserialize_replace'	4 Jan 202507:24	–	vulnrichment
Wordfence Blog	Wordfence Intelligence Weekly WordPress Vulnerability Report (December 16, 2024 to January 5, 2025)	9 Jan 202514:35	–	wordfence

[
  {
    "enisaIdVendor": [
      {
        "id": "9845c9f4-7b0a-3d29-8b1a-1fe439bf17de",
        "vendor": {
          "name": "Inisev"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "5b32c08f-a201-3cbc-bd9c-9dfbc6be6880",
        "product": {
          "name": "Backup Migration"
        },
        "product_version": "* ≤1.4.6"
      }
    ]
  }
]

Source	Link
wordfence	www.wordfence.com/threat-intel/vulnerabilities/id/d5a0c514-5200-47f4-9d2e-684d68946b9a
plugins	www.plugins.trac.wordpress.org/browser//backup-backup/tags/1.4.6/includes/database/search-replace.php
plugins	www.plugins.trac.wordpress.org/browser/backup-backup/tags/1.4.6.1/includes/database/search-replace.php

03 Oct 2025 20:07Current

8.7High risk

Vulners AI Score8.7

CVSS 3.18.8

EPSS0.02351

SSVC