191 matches found
EUVD-2025-198621
The Backup Migration WordPress plugin before 2.0.0 does not properly generate its backup path in certain server configurations, allowing unauthenticated users to fetch a log that discloses the backup filename. The backup archive is then downloadable without authentication...
CVE-2025-12394
The Backup Migration WordPress plugin before 2.0.0 does not properly generate its backup path in certain server configurations, allowing unauthenticated users to fetch a log that discloses the backup filename. The backup archive is then downloadable without authentication...
CVE-2025-12394 Backup Migration < 2.0.0 - Unauthenticated Backup Download
The Backup Migration WordPress plugin before 2.0.0 does not properly generate its backup path in certain server configurations, allowing unauthenticated users to fetch a log that discloses the backup filename. The backup archive is then downloadable without authentication...
CVE-2025-12394
CVE-2025-12394 concerns the WordPress plugin Backup Migration. The vulnerability affects the plugin up to version 2.0.0, where it fails to generate the backup path correctly in certain server configurations. This allows unauthenticated users to read a log that reveals the backup filename, and the...
CVE-2025-12394 Backup Migration < 2.0.0 - Unauthenticated Backup Download
The Backup Migration WordPress plugin before 2.0.0 does not properly generate its backup path in certain server configurations, allowing unauthenticated users to fetch a log that discloses the backup filename. The backup archive is then downloadable without authentication...
PT-2025-47884
The Backup Migration WordPress plugin before 2.0.0 does not properly generate its backup path in certain server configurations, allowing unauthenticated users to fetch a log that discloses the backup filename. The backup archive is then downloadable without authentication...
WordPress plugin Backup Migration 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
EUVD-2021-23460
Malware in sbrugna...
EUVD-2024-30473
Malicious code in bioql PyPI...
EUVD-2023-59167
Malicious code in bioql PyPI...
EUVD-2023-58515
Malicious code in bioql PyPI...
EUVD-2023-58511
Malicious code in bioql PyPI...
WordPress Backup Migration 1.3.7 Remote Code Execution
The Backup Migration plugin for WordPress is vulnerable to remote Code execution in all versions up to, and including, 1.3.7 via the /includes/backup-heart.php file. An attacker can control the values passed to an include statement, leveraging that to achieve remote code execution. This...
WordPress plugin WPvivid Backup Migration 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A code issue...
CVE-2024-3546
The WordPress Backup & Migration plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the wpmgdppopulatepopup function in all versions up to, and including, 1.4.8. This makes it possible for authenticated attackers, with subscriber access or above...
CVE-2024-32686
Insertion of Sensitive Information into Log File vulnerability in Inisev Backup Migration.This issue affects Backup Migration: from n/a through 1.4.3...
CVE-2024-31254
Insertion of Sensitive Information into Log File vulnerability in WebToffee WordPress Backup & Migration.This issue affects WordPress Backup & Migration: from n/a through 1.4.7...
CVE-2023-7002
The Backup Migration plugin for WordPress is vulnerable to OS Command Injection in all versions up to, and including, 1.3.9 via the 'url' parameter. This vulnerability allows authenticated attackers, with administrator-level permissions and above, to execute arbitrary commands on the host operati...
CVE-2023-6271
The Backup Migration WordPress plugin before 1.3.6 stores in-progress backups information in easy to find, publicly-accessible files, which may allow attackers monitoring those to leak sensitive information from the site's backups...
CVE-2023-6972
The Backup Migration plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.3.9 via the 'content-backups' and 'content-name', 'content-manifest', or 'content-bmitmp' and 'content-identy' HTTP headers. This makes it possible for unauthenticated attackers to...