CVE-2024-2667

The InstaWP Connect – 1-click WP Staging & Migration plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file validation in the /wp-json/instawp-connect/v1/config REST API endpoint in all versions up to, and including, 0.1.0.22. This makes it possible for...

EUVD-2023-44581

Malicious code in bioql PyPI...

CVE-2023-3956

The InstaWP Connect plugin for WordPress is vulnerable to unauthorized access of data, modification of data and loss of data due to a missing capability check on the 'eventsreceiver' function in versions up to, and including, 0.0.9.18. This makes it possible for unauthenticated attackers to add,...

CVE-2024-23507 WordPress InstaWP Connect plugin <= 0.1.0.9 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in InstaWP InstaWP Connect instawp-connect.This issue affects InstaWP Connect: from n/a through = 0.1.0.9...

The vulnerability of the save_management_settings() function in the InstaWP Connect plugin of the WordPress content management system allows a hacker to gain access to read, modify, or delete data.

The vulnerability of the savemanagementsettings function in the InstaWP Connect plugin of the WordPress content management system is related to deficiencies in the authentication process. Exploiting this vulnerability could allow an attacker to gain read, edit, or delete access to data...

CVE-2024-23506 WordPress InstaWP Connect plugin <= 0.1.0.9 - Sensitive Data Exposure vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in InstaWP InstaWP Connect instawp-connect.This issue affects InstaWP Connect: from n/a through = 0.1.0.9...

CVE-2024-23506 WordPress InstaWP Connect plugin <= 0.1.0.9 - Sensitive Data Exposure vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in InstaWP InstaWP Connect instawp-connect.This issue affects InstaWP Connect: from n/a through = 0.1.0.9...