Lucene search
K

77 matches found

Nuclei
Nuclei
added 14 hours ago59 views

All-in-One WP Migration < 7.87 - Unauthenticated Information Disclosure

The All-in-One WP Migration and Backup plugin for WordPress is vulnerable to unauthenticated information disclosure due to its error.log file being publicly accessible in versions before 7.87. id: CVE-2024-8852 info: name: All-in-One WP Migration 7.87 - Unauthenticated Information Disclosure...

5.3CVSS5.9AI score0.01175EPSS
Exploits0References2
Nuclei
Nuclei
added 14 hours ago99 views

WordPress All-in-One WP Migration <=7.62 - Cross-Site Scripting

WordPress All-in-One WP Migration plugin 7.62 and prior contains a cross-site scripting vulnerability. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials a...

4.7CVSS6AI score0.01204EPSS
Exploits3References5
RedhatCVE
RedhatCVE
added 2026/02/21 7:29 p.m.4 views

CVE-2025-53217

Missing Authorization vulnerability in staviravn AIO WP Builder all-in-one-wp-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AIO WP Builder: from n/a through = 2.0.2...

7.6CVSS5.5AI score0.00204EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2016-1861

Malware in sbrugna...

6.1CVSS6.3AI score0.00924EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2015-0903

Malware in sbrugna...

6CVSS6.2AI score0.01539EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2015-0904

Malware in sbrugna...

6.8CVSS6.3AI score0.01076EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-21551

Malware in sbrugna...

6.1CVSS6.1AI score0.01495EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-6287

Malicious code in bioql PyPI...

7.5CVSS9.2AI score0.00521EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-56820

Malicious code in bioql PyPI...

3.7CVSS6.6AI score0.00322EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-28389

Malicious code in bioql PyPI...

4.3CVSS6.5AI score0.00212EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:19 p.m.10 views

CVE-2022-1476

The All-in-One WP Migration plugin for WordPress is vulnerable to arbitrary file deletion via directory traversal due to insufficient file validation via the /lib/model/class-ai1wm-backups.php file, in versions up to, and including, 7.58. This can be exploited by administrative users, and users w...

6.6CVSS7AI score0.47495EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:36 p.m.5 views

CVE-2020-29171

Cross-site scripting XSS vulnerability in admin/wp-security-blacklist-menu.php in the Tips and Tricks HQ All In One WP Security & Firewall all-in-one-wp-security-and-firewall plugin before 4.4.6 for WordPress...

6.1CVSS6AI score0.01495EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 9:33 a.m.15 views

CVE-2015-9310

The all-in-one-wp-security-and-firewall plugin before 3.9.1 for WordPress has multiple SQL injection issues...

9.8CVSS8.1AI score0.01869EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:29 a.m.7 views

CVE-2016-10868

The all-in-one-wp-security-and-firewall plugin before 4.0.5 for WordPress has XSS in the blacklist, file system, and file change detection settings pages...

6.1CVSS6.2AI score0.00923EPSS
Exploits0References1
NVD
NVD
added 2025/03/13 1:15 p.m.9 views

CVE-2024-10942

The All-in-One WP Migration and Backup plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 7.89 via deserialization of untrusted input in the 'replaceserializedvalues' function. This makes it possible for unauthenticated attackers to inject a PHP Objec...

7.5CVSS0.00521EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/03/13 12:42 p.m.12 views

CVE-2024-10942 All in One WP Migration <= 7.89 - Unauthenticated PHP Object Injection

The All-in-One WP Migration and Backup plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 7.89 via deserialization of untrusted input in the 'replaceserializedvalues' function. This makes it possible for unauthenticated attackers to inject a PHP Objec...

7.5CVSS0.00521EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/03/13 12:42 p.m.55 views

CVE-2024-10942 All in One WP Migration <= 7.89 - Unauthenticated PHP Object Injection

The All-in-One WP Migration and Backup plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 7.89 via deserialization of untrusted input in the 'replaceserializedvalues' function. This makes it possible for unauthenticated attackers to inject a PHP Objec...

7.5CVSS7.7AI score0.00521EPSS
Exploits0References3
CVE
CVE
added 2025/03/13 12:42 p.m.173 views

CVE-2024-10942

The CVE-2024-10942 entry concerns All-in-One WP Migration and Backup for WordPress (

7.5CVSS7.7AI score0.00521EPSS
Exploits0References3
Patchstack
Patchstack
added 2025/03/13 1:49 a.m.9 views

WordPress All in One WP Migration plugin <= 7.89 - Unauthenticated PHP Object Injection vulnerability

Unauthenticated PHP Object Injection vulnerability discovered by Webbernaut in WordPress Plugin All-in-One WP Migration versions = 7.89...

7.5CVSS9.2AI score0.00521EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/02/05 4:26 a.m.9 views

CVE-2024-9162

The All-in-One WP Migration and Backup plugin for WordPress is vulnerable to arbitrary PHP Code Injection due to missing file type validation during the export in all versions up to, and including, 7.86. This makes it possible for authenticated attackers, with Administrator-level access and above...

7.2CVSS8AI score0.02668EPSS
Exploits1References1
Rows per page
Query Builder