EUVD-2025-210080

The Migration, Backup, Staging – WPvivid Backup & Migration plugin for WordPress is vulnerable to arbitrary directory deletion due to insufficient file path validation in the deletecancelstagingsite function in all versions up to, and including, 0.9.128. This makes it possible for authenticated...

WordPress WPvivid — Backup, Migration & Staging plugin <= 0.9.128 - Authenticated (Admin+) Arbitrary Directory Deletion vulnerability

Authenticated Admin+ Arbitrary Directory Deletion vulnerability discovered by blue0x1 in WordPress Plugin WPvivid Backup and Migration versions = 0.9.128...