191 matches found
CVE-2024-3546 WordPress Backup & Migration <= 1.4.8 - Missing Authorization to Directory Traversal
The WordPress Backup & Migration plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the wpmgdppopulatepopup function in all versions up to, and including, 1.4.8. This makes it possible for authenticated attackers, with subscriber access or above...
CVE-2024-3546 WordPress Backup & Migration <= 1.4.8 - Missing Authorization to Directory Traversal
The WordPress Backup & Migration plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the wpmgdppopulatepopup function in all versions up to, and including, 1.4.8. This makes it possible for authenticated attackers, with subscriber access or above...
CVE-2024-3546
CVE-2024-3546 affects the WordPress Backup & Migration plugin (wp-migration-duplicator) for WordPress, up to version 1.4.8. The root cause is a missing capability check in wp_mgdp_populate_popup, enabling authenticated attackers with subscriber access or higher to invoke the function and access l...
WordPress Backup Migration plugin <= 1.4.1 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin Backup Migration versions = 1.4.1...
WordPress Backup Migration Plugin <= 1.4.1 is vulnerable to Broken Access Control
Software Backup Migration Type Plugin Vulnerable versions = 1.4.1 Fixed in 1.4.2 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-31435 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID c8830eaae290 Credits Dhabaleshwar Das Required...
Backup Migration < 1.4.4 - Information Exposure via Log Files
Description The Backup Migration plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.3 via log files. This makes it possible for unauthenticated attackers to extract potentially sensitive information via log files...
WordPress WordPress Backup & Migration Plugin <= 1.4.8 is vulnerable to Broken Access Control
Software WordPress Backup & Migration Type Plugin Vulnerable versions = 1.4.8 Fixed in 1.4.9 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-3546 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 7fb4d86b8e12 Credits Krzysztof Zając...
WordPress Backup & Migration < 1.4.9 - Missing Authorization to Directory Traversal
Description The WordPress Backup & Migration plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the wpmgdppopulatepopup function in all versions up to, and including, 1.4.8. This makes it possible for authenticated attackers, with subscriber...
WordPress Backup Migration Plugin < 1.3.8 RCE Vulnerability
The WordPress plugin SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:backupbliss:backupmigration"; if description...
CVE-2024-32686
Insertion of Sensitive Information into Log File vulnerability in Inisev Backup Migration.This issue affects Backup Migration: from n/a through 1.4.3...
CVE-2024-32686
CVE-2024-32686 affects the Backup Migration plugin for WordPress. The vulnerability is an Information Exposure via Log Files flaw in the plugin, with affected range listed as 1.4.3 and earlier. Public disclosures in connected sources corroborate this issue and note a patched status. The exact pat...
CVE-2024-32686 WordPress Backup Migration plugin <= 1.4.3 - Sensitive Data Exposure via Log vulnerability
Insertion of Sensitive Information into Log File vulnerability in Inisev Backup Migration.This issue affects Backup Migration: from n/a through 1.4.3...
CVE-2024-32686 WordPress Backup Migration plugin <= 1.4.3 - Sensitive Data Exposure via Log vulnerability
Insertion of Sensitive Information into Log File vulnerability in Inisev Backup Migration.This issue affects Backup Migration: from n/a through 1.4.3...
WordPress Plugin Backup Migration 日志信息泄露漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A log information...
PT-2024-24772 · Unknown · Inisev Backup Migration
Name of the Vulnerable Software and Affected Versions: Inisev Backup Migration versions n/a through 1.4.3 Description: The issue is related to the insertion of sensitive information into log files. This can potentially expose confidential data. Recommendations: For versions n/a through 1.4.3,...
WordPress Backup Migration plugin <= 1.4.3 - Sensitive Data Exposure via Log vulnerability
Sensitive Data Exposure via Log vulnerability discovered by emad Patchstack Alliance in WordPress Plugin Backup Migration versions = 1.4.3...
WordPress Backup Migration Plugin <= 1.4.3 is vulnerable to Sensitive Data Exposure
Software Backup Migration Type Plugin Vulnerable versions = 1.4.3 Fixed in 1.4.4 OWASP Top 10 A9: Security Logging and Monitoring Failures Classification Sensitive Data Exposure CVE CVE-2024-32686 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 6f8f6222b4f0 Credits emad...
CVE-2024-31254
Insertion of Sensitive Information into Log File vulnerability in WebToffee WordPress Backup & Migration.This issue affects WordPress Backup & Migration: from n/a through 1.4.7...
CVE-2024-31254
Technical details are not publicly provided in the supplied documents. No specifics on affected versions beyond 1.4.7, root cause, exploitability, or remediation are present. Monitor for updates.
CVE-2024-31254 WordPress WordPress Backup & Migration plugin <= 1.4.7 - Sensitive Data Exposure via Log File vulnerability
Insertion of Sensitive Information into Log File vulnerability in WebToffee WordPress Backup & Migration.This issue affects WordPress Backup & Migration: from n/a through 1.4.7...