Lucene search
+L

191 matches found

euvd
euvd
added 2025/11/24 6:31 a.m.5 views

EUVD-2025-198621

The Backup Migration WordPress plugin before 2.0.0 does not properly generate its backup path in certain server configurations, allowing unauthenticated users to fetch a log that discloses the backup filename. The backup archive is then downloadable without authentication...

5.9CVSS6.3AI score0.00259EPSS
Exploits0References2
nvd
nvd
added 2025/11/24 6:15 a.m.12 views

CVE-2025-12394

The Backup Migration WordPress plugin before 2.0.0 does not properly generate its backup path in certain server configurations, allowing unauthenticated users to fetch a log that discloses the backup filename. The backup archive is then downloadable without authentication...

5.9CVSS0.00259EPSS
Exploits0References1
cvelist
cvelist
added 2025/11/24 6:0 a.m.13 views

CVE-2025-12394 Backup Migration < 2.0.0 - Unauthenticated Backup Download

The Backup Migration WordPress plugin before 2.0.0 does not properly generate its backup path in certain server configurations, allowing unauthenticated users to fetch a log that discloses the backup filename. The backup archive is then downloadable without authentication...

0.00259EPSS
Exploits0References1
cve
cve
added 2025/11/24 6:0 a.m.19 views

CVE-2025-12394

CVE-2025-12394 concerns the WordPress plugin Backup Migration. The vulnerability affects the plugin up to version 2.0.0, where it fails to generate the backup path correctly in certain server configurations. This allows unauthenticated users to read a log that reveals the backup filename, and the...

5.9CVSS6.4AI score0.00259EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2025/11/24 6:0 a.m.3 views

CVE-2025-12394 Backup Migration < 2.0.0 - Unauthenticated Backup Download

The Backup Migration WordPress plugin before 2.0.0 does not properly generate its backup path in certain server configurations, allowing unauthenticated users to fetch a log that discloses the backup filename. The backup archive is then downloadable without authentication...

6.4AI score0.00259EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2025/11/24 12:0 a.m.17 views

PT-2025-47884

The Backup Migration WordPress plugin before 2.0.0 does not properly generate its backup path in certain server configurations, allowing unauthenticated users to fetch a log that discloses the backup filename. The backup archive is then downloadable without authentication...

6.8AI score0.00259EPSS
Exploits0References2
cnnvd
cnnvd
added 2025/11/24 12:0 a.m.5 views

WordPress plugin Backup Migration 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

5.9CVSS6.4AI score0.00259EPSS
Exploits0References2
euvd
euvd
added 2025/10/07 12:30 a.m.7 views

EUVD-2021-23460

Malware in sbrugna...

5.4CVSS5.6AI score0.00552EPSS
Exploits0References3
euvd
euvd
added 2025/10/03 8:7 p.m.9 views

EUVD-2024-30473

Malicious code in bioql PyPI...

5.3CVSS6.4AI score0.00443EPSS
Exploits0References1
euvd
euvd
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-59167

Malicious code in bioql PyPI...

9.8CVSS9.3AI score0.06419EPSS
Exploits0References3
euvd
euvd
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-58515

Malicious code in bioql PyPI...

7.5CVSS8.1AI score0.00688EPSS
Exploits2References2
euvd
euvd
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-58511

Malicious code in bioql PyPI...

7.5CVSS8.1AI score0.02072EPSS
Exploits0References4
packetstormnews
packetstormnews
added 2025/08/08 12:0 a.m.10 views

WordPress Backup Migration 1.3.7 Remote Code Execution

The Backup Migration plugin for WordPress is vulnerable to remote Code execution in all versions up to, and including, 1.3.7 via the /includes/backup-heart.php file. An attacker can control the values passed to an include statement, leveraging that to achieve remote code execution. This...

9.8CVSS9.1AI score0.97846EPSS
Exploits14
cnnvd
cnnvd
added 2025/07/03 12:0 a.m.11 views

WordPress plugin WPvivid Backup Migration 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A code issue...

7.2CVSS6.7AI score0.06479EPSS
Exploits3References7
redhatcve
redhatcve
added 2025/05/23 9:21 a.m.8 views

CVE-2024-3546

The WordPress Backup & Migration plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the wpmgdppopulatepopup function in all versions up to, and including, 1.4.8. This makes it possible for authenticated attackers, with subscriber access or above...

4.3CVSS5.9AI score0.00491EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 8:36 a.m.5 views

CVE-2024-32686

Insertion of Sensitive Information into Log File vulnerability in Inisev Backup Migration.This issue affects Backup Migration: from n/a through 1.4.3...

5.3CVSS5.2AI score0.00443EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 7:40 a.m.11 views

CVE-2024-31254

Insertion of Sensitive Information into Log File vulnerability in WebToffee WordPress Backup & Migration.This issue affects WordPress Backup & Migration: from n/a through 1.4.7...

7.5CVSS8.6AI score0.00482EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 6:7 a.m.4 views

CVE-2023-7002

The Backup Migration plugin for WordPress is vulnerable to OS Command Injection in all versions up to, and including, 1.3.9 via the 'url' parameter. This vulnerability allows authenticated attackers, with administrator-level permissions and above, to execute arbitrary commands on the host operati...

7.2CVSS6.1AI score0.45898EPSS
Exploits1References1
redhatcve
redhatcve
added 2025/05/23 4:58 a.m.9 views

CVE-2023-6271

The Backup Migration WordPress plugin before 1.3.6 stores in-progress backups information in easy to find, publicly-accessible files, which may allow attackers monitoring those to leak sensitive information from the site's backups...

7.5CVSS6.2AI score0.00688EPSS
Exploits2References1
redhatcve
redhatcve
added 2025/05/23 2:8 a.m.7 views

CVE-2023-6972

The Backup Migration plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.3.9 via the 'content-backups' and 'content-name', 'content-manifest', or 'content-bmitmp' and 'content-identy' HTTP headers. This makes it possible for unauthenticated attackers to...

9.8CVSS7.9AI score0.0139EPSS
Exploits1References1
Rows per page
Query Builder