Lucene search
+L

191 matches found

vulnrichment
vulnrichment
added 2024/05/02 4:51 p.m.11 views

CVE-2024-3546 WordPress Backup & Migration <= 1.4.8 - Missing Authorization to Directory Traversal

The WordPress Backup & Migration plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the wpmgdppopulatepopup function in all versions up to, and including, 1.4.8. This makes it possible for authenticated attackers, with subscriber access or above...

4.3CVSS6AI score0.00491EPSS
Exploits0References2
cvelist
cvelist
added 2024/05/02 4:51 p.m.26 views

CVE-2024-3546 WordPress Backup & Migration <= 1.4.8 - Missing Authorization to Directory Traversal

The WordPress Backup & Migration plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the wpmgdppopulatepopup function in all versions up to, and including, 1.4.8. This makes it possible for authenticated attackers, with subscriber access or above...

4.3CVSS4.7AI score0.00491EPSS
Exploits0References2
cve
cve
added 2024/05/02 4:51 p.m.55 views

CVE-2024-3546

CVE-2024-3546 affects the WordPress Backup & Migration plugin (wp-migration-duplicator) for WordPress, up to version 1.4.8. The root cause is a missing capability check in wp_mgdp_populate_popup, enabling authenticated attackers with subscriber access or higher to invoke the function and access l...

4.3CVSS6.4AI score0.00491EPSS
Exploits0References2
patchstack
patchstack
added 2024/04/26 9:40 a.m.2 views

WordPress Backup Migration plugin <= 1.4.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin Backup Migration versions = 1.4.1...

7AI score0.00208EPSS
Exploits0Affected Software1
patchstack
patchstack
added 2024/04/26 12:0 a.m.14 views

WordPress Backup Migration Plugin <= 1.4.1 is vulnerable to Broken Access Control

Software Backup Migration Type Plugin Vulnerable versions = 1.4.1 Fixed in 1.4.2 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-31435 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID c8830eaae290 Credits Dhabaleshwar Das Required...

6.2AI score0.00208EPSS
Exploits0References2Affected Software1
wpvulndb
wpvulndb
added 2024/04/24 12:0 a.m.16 views

Backup Migration < 1.4.4 - Information Exposure via Log Files

Description The Backup Migration plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.3 via log files. This makes it possible for unauthenticated attackers to extract potentially sensitive information via log files...

5.3CVSS6.7AI score0.00443EPSS
Exploits0References1Affected Software1
patchstack
patchstack
added 2024/04/23 12:0 a.m.18 views

WordPress WordPress Backup & Migration Plugin <= 1.4.8 is vulnerable to Broken Access Control

Software WordPress Backup & Migration Type Plugin Vulnerable versions = 1.4.8 Fixed in 1.4.9 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-3546 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 7fb4d86b8e12 Credits Krzysztof Zając...

4.3CVSS6.6AI score0.00491EPSS
Exploits0References3Affected Software1
wpvulndb
wpvulndb
added 2024/04/22 12:0 a.m.12 views

WordPress Backup & Migration < 1.4.9 - Missing Authorization to Directory Traversal

Description The WordPress Backup & Migration plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the wpmgdppopulatepopup function in all versions up to, and including, 1.4.8. This makes it possible for authenticated attackers, with subscriber...

4.3CVSS6.7AI score0.00491EPSS
Exploits0References1Affected Software1
openvas
openvas
added 2024/04/22 12:0 a.m.24 views

WordPress Backup Migration Plugin < 1.3.8 RCE Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:backupbliss:backupmigration"; if description...

9.8CVSS9.6AI score0.97846EPSS
Exploits14References1
nvd
nvd
added 2024/04/18 11:15 a.m.31 views

CVE-2024-32686

Insertion of Sensitive Information into Log File vulnerability in Inisev Backup Migration.This issue affects Backup Migration: from n/a through 1.4.3...

5.3CVSS5.3AI score0.00443EPSS
Exploits0References1
cve
cve
added 2024/04/18 10:31 a.m.81 views

CVE-2024-32686

CVE-2024-32686 affects the Backup Migration plugin for WordPress. The vulnerability is an Information Exposure via Log Files flaw in the plugin, with affected range listed as 1.4.3 and earlier. Public disclosures in connected sources corroborate this issue and note a patched status. The exact pat...

5.3CVSS5.2AI score0.00443EPSS
Exploits0References1
cvelist
cvelist
added 2024/04/18 10:31 a.m.23 views

CVE-2024-32686 WordPress Backup Migration plugin <= 1.4.3 - Sensitive Data Exposure via Log vulnerability

Insertion of Sensitive Information into Log File vulnerability in Inisev Backup Migration.This issue affects Backup Migration: from n/a through 1.4.3...

5.3CVSS5.6AI score0.00443EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2024/04/18 10:31 a.m.11 views

CVE-2024-32686 WordPress Backup Migration plugin <= 1.4.3 - Sensitive Data Exposure via Log vulnerability

Insertion of Sensitive Information into Log File vulnerability in Inisev Backup Migration.This issue affects Backup Migration: from n/a through 1.4.3...

5.3CVSS5.2AI score0.00443EPSS
Exploits0References1
cnnvd
cnnvd
added 2024/04/18 12:0 a.m.5 views

WordPress Plugin Backup Migration 日志信息泄露漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A log information...

5.3CVSS6AI score0.00443EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2024/04/18 12:0 a.m.15 views

PT-2024-24772 · Unknown · Inisev Backup Migration

Name of the Vulnerable Software and Affected Versions: Inisev Backup Migration versions n/a through 1.4.3 Description: The issue is related to the insertion of sensitive information into log files. This can potentially expose confidential data. Recommendations: For versions n/a through 1.4.3,...

5.3CVSS6.3AI score0.00443EPSS
Exploits0References4
patchstack
patchstack
added 2024/04/17 2:21 p.m.8 views

WordPress Backup Migration plugin <= 1.4.3 - Sensitive Data Exposure via Log vulnerability

Sensitive Data Exposure via Log vulnerability discovered by emad Patchstack Alliance in WordPress Plugin Backup Migration versions = 1.4.3...

5.3CVSS7AI score0.00443EPSS
Exploits0Affected Software1
patchstack
patchstack
added 2024/04/17 12:0 a.m.13 views

WordPress Backup Migration Plugin <= 1.4.3 is vulnerable to Sensitive Data Exposure

Software Backup Migration Type Plugin Vulnerable versions = 1.4.3 Fixed in 1.4.4 OWASP Top 10 A9: Security Logging and Monitoring Failures Classification Sensitive Data Exposure CVE CVE-2024-32686 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 6f8f6222b4f0 Credits emad...

5.3CVSS6.5AI score0.00443EPSS
Exploits0References2Affected Software1
nvd
nvd
added 2024/04/10 4:15 p.m.30 views

CVE-2024-31254

Insertion of Sensitive Information into Log File vulnerability in WebToffee WordPress Backup & Migration.This issue affects WordPress Backup & Migration: from n/a through 1.4.7...

7.5CVSS4.2AI score0.00482EPSS
Exploits0References1
cve
cve
added 2024/04/10 3:45 p.m.61 views

CVE-2024-31254

Technical details are not publicly provided in the supplied documents. No specifics on affected versions beyond 1.4.7, root cause, exploitability, or remediation are present. Monitor for updates.

7.5CVSS8.6AI score0.00482EPSS
Exploits0References1Affected Software1
vulnrichment
vulnrichment
added 2024/04/10 3:45 p.m.26 views

CVE-2024-31254 WordPress WordPress Backup & Migration plugin <= 1.4.7 - Sensitive Data Exposure via Log File vulnerability

Insertion of Sensitive Information into Log File vulnerability in WebToffee WordPress Backup & Migration.This issue affects WordPress Backup & Migration: from n/a through 1.4.7...

3.7CVSS7.2AI score0.00482EPSS
Exploits0References1
Rows per page
Query Builder