3 matches found
CVE-2022-2442
The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to deserialization of untrusted input via the 'path' parameter in versions up to, and including 0.9.74. This makes it possible for authenticated attackers with administrative privileges to call files using a PHAR wrapper...
WordPress Migration, Backup, Staging - WPvivid Plugin <= 0.9.74 PHAR Deserialization Vulnerability
The WordPress plugin Migration, Backup, Staging - WPvivid is prone to an authenticated PHAR deserialization vulnerability. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
CVE-2022-2442
The CVE-2022-2442 entry relates to the WPvivid Migration, Backup, Staging WordPress plugin. Affected version range: up to and including 0.9.74. The root cause is deserialization of untrusted input via the path parameter, allowing an authenticated administrator to upload a serialized payload that ...