EUVD-2025-4367

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

1 Click WordPress Migration Plugin is vulnerable to Cross-Site Request Forgery due to nonce validation issues

Reporter	Title	Published	Views	Family All 12
Circl	CVE-2024-13555	18 Feb 202505:16	–	circl
CNNVD	WordPress plugin 1 Click WordPress Migration Plugin 跨站请求伪造漏洞	18 Feb 202500:00	–	cnnvd
CVE	CVE-2024-13555	18 Feb 202504:21	–	cve
Cvelist	CVE-2024-13555 1 Click WordPress Migration Plugin – 100% FREE for a limited time <= 2.2 - Cross-Site Request Forgery to Backup Process Cancellation	18 Feb 202504:21	–	cvelist
NVD	CVE-2024-13555	18 Feb 202505:15	–	nvd
OSV	CVE-2024-13555	18 Feb 202505:15	–	osv
Patchstack	WordPress 1 Click WordPress plugin <= 2.2 - Cross-Site Request Forgery to Backup Process Cancellation vulnerability	17 Feb 202521:41	–	patchstack
Positive Technologies	PT-2025-6565 · WordPress · 1 Click Wordpress Migration Plugin	18 Feb 202500:00	–	ptsecurity
RedhatCVE	CVE-2024-13555	20 Feb 202504:33	–	redhatcve
Vulnrichment	CVE-2024-13555 1 Click WordPress Migration Plugin – 100% FREE for a limited time <= 2.2 - Cross-Site Request Forgery to Backup Process Cancellation	18 Feb 202504:21	–	vulnrichment

[
  {
    "enisaIdVendor": [
      {
        "id": "8f8f6431-6144-35f8-861d-e5653ce520ed",
        "vendor": {
          "name": "1clickmigration"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "85aca9a7-0e8a-3c01-8029-de5a0532cf9b",
        "product": {
          "name": "1 Click WordPress Migration Plugin – 100% FREE for a limited time"
        },
        "product_version": "* ≤2.1"
      }
    ]
  }
]

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2024-13555
wordpress	www.wordpress.org/plugins/1-click-migration
wordfence	www.wordfence.com/threat-intel/vulnerabilities/id/aee963fa-26b5-4bf0-b52f-095c67fb4834
wordpress	www.wordpress.org/plugins/1-click-migration/

03 Oct 2025 20:07Current

6.6Medium risk

Vulners AI Score6.6

CVSS 3.14.3 - 5.3

EPSS0.001

SSVC