19 matches found
VulnCheck KEV: CVE-2024-13609
The 1 Click WordPress Migration Plugin – 100% FREE for a limited time plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.2 via the class-ocm-backup.php. This makes it possible for unauthenticated attackers to extract sensitive data includi...
CVE-2025-11170
The WP移行専用プラグイン for CPI plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the CpiwmImportController::import function in all versions up to, and including, 1.0.2. This makes it possible for unauthenticated attackers to upload arbitrary files on the...
PT-2025-46245
The WP移行専用プラグイン for CPI plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the Cpiwm Import Controller::import function in all versions up to, and including, 1.0.2. This makes it possible for unauthenticated attackers to upload arbitrary files on t...
EUVD-2025-3849
Malicious code in bioql PyPI...
EUVD-2025-14128
Malicious code in bioql PyPI...
CVE-2025-8490
The All-in-One WP Migration and Backup plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Import in all versions up to, and including, 7.97 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-lev...
CVE-2025-3455
The 1 Click WordPress Migration Plugin – 100% FREE for a limited time plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'startrestore' function in all versions up to, and including, 2.2. This makes it possible for authenticated...
CVE-2025-3455 1 Click WordPress Migration Plugin – 100% FREE for a limited time <= 2.2 - Missing Authorization to Authenticated (Subscriber+) Arbitrary File Upload
The 1 Click WordPress Migration Plugin – 100% FREE for a limited time plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'startrestore' function in all versions up to, and including, 2.2. This makes it possible for authenticated...
CVE-2025-3455 1 Click WordPress Migration Plugin – 100% FREE for a limited time <= 2.2 - Missing Authorization to Authenticated (Subscriber+) Arbitrary File Upload
The 1 Click WordPress Migration Plugin – 100% FREE for a limited time plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'startrestore' function in all versions up to, and including, 2.2. This makes it possible for authenticated...
CVE-2025-32257 WordPress 1 Click WordPress Migration plugin <= 2.5.7 - Sensitive Data Exposure vulnerability
Exposure of Sensitive System Information Due to Uncleared Debug Information vulnerability in 1clickmigration 1 Click WordPress Migration 1-click-migration allows Retrieve Embedded Sensitive Data.This issue affects 1 Click WordPress Migration: from n/a through = 2.5.7...
CVE-2024-13555
The 1 Click WordPress Migration Plugin – 100% FREE for a limited time plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.2. This is due to missing or incorrect nonce validation on the cancelactions function. This makes it possible for...
CVE-2024-13609
The 1 Click WordPress Migration Plugin – 100% FREE for a limited time plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.2 via the class-ocm-backup.php. This makes it possible for unauthenticated attackers to extract sensitive data includi...
CVE-2024-13609
The 1 Click WordPress Migration Plugin – 100% FREE for a limited time plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.2 via the class-ocm-backup.php. This makes it possible for unauthenticated attackers to extract sensitive data includi...
CVE-2024-13555
The 1 Click WordPress Migration Plugin – 100% FREE for a limited time plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.2. This is due to missing or incorrect nonce validation on the cancelactions function. This makes it possible for...
CVE-2024-13609 1 Click WordPress Migration Plugin – 100% FREE for a limited time <= 2.2 - Unauthenticated Sensitive Information Exposure via Database Backup in class-ocm-backup.php
The 1 Click WordPress Migration Plugin – 100% FREE for a limited time plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.2 via the class-ocm-backup.php. This makes it possible for unauthenticated attackers to extract sensitive data includi...
CVE-2024-13555
CVE-2024-13555 – The 1 Click WordPress Migration Plugin (up to v2.1) is vulnerable to Cross-Site Request Forgery due to missing/incorrect nonce validation in cancel_actions(). This can allow unauthenticated attackers to cancel a backup triggered by a site administrator via a forged request. No pu...
1 Click WordPress Migration Plugin – 100% FREE for a limited time <= 2.2 - Cross-Site Request Forgery to Backup Process Cancellation
Description The 1 Click WordPress Migration Plugin – 100% FREE for a limited time plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.2. This is due to missing or incorrect nonce validation on the cancelactions function. This makes it possible...
CVE-2025-24652
Missing Authorization vulnerability in revmakx WP Duplicate local-sync allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Duplicate: from n/a through = 1.1.6...
WordPress plugin WP Duplicate – WordPress Migration Plugin 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin WP Duplica...