Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Permalinks Migration Plugin Security Vulnerabilities

cve
cve

CVE-2008-0508

Cross-site request forgery (CSRF) vulnerability in deans_permalinks_migration.php in the Dean's Permalinks Migration 1.0 plugin for WordPress allows remote attackers to modify the oldstructure (aka dean_pm_config[oldstructure]) configuration setting as administrators via the old_struct parameter in...

6.3AI Score

0.004EPSS

2008-01-31 08:00 PM
15
cve
cve

CVE-2022-2551

The Duplicator WordPress plugin before 1.4.7 discloses the url of the a backup to unauthenticated visitors accessing the main installer endpoint of the plugin, if the installer script has been run once by an administrator, allowing download of the full site backup without authenticating.

7.5CVSS

7.4AI Score

0.664EPSS

2022-08-22 03:15 PM
79
4
cve
cve

CVE-2023-5737

The WordPress Backup & Migration WordPress plugin before 1.4.4 does not authorize some AJAX requests, allowing users with a role as low as Subscriber to update some plugin settings.

4.3CVSS

4.9AI Score

0.0004EPSS

2023-11-27 05:15 PM
45
cve
cve

CVE-2023-5738

The WordPress Backup & Migration WordPress plugin before 1.4.4 does not sanitise and escape some parameters, which could allow users with a role as low as Subscriber to perform Cross-Site Scripting attacks.

5.4CVSS

5.5AI Score

0.0004EPSS

2023-11-27 05:15 PM
37