6 matches found
WordPress WPvivid Backup <0.9.76 - Local File Inclusion
WordPress WPvivid Backup version 0.9.76 is vulnerable to local file inclusion because the plugin does not sanitize and validate a parameter before using it to read the content of a file, allowing high privilege users to read any file from the web server. id: CVE-2022-2863 info: name: WordPress...
CVE-2022-2863
The Migration, Backup, Staging WordPress plugin before 0.9.76 does not sanitise and validate a parameter before using it to read the content of a file, allowing high privilege users to read any file from the web server via a Traversal attack...
WordPress WPvivid Backup Path Traversal Vulnerability
Wordpress plugin - WPvivid Backup - Version 0.9.76 Author: Rodolfo Tavares Tempest Security Intelligence - Recife, Pernambuco - Brazil ===== Table of Contents================================================== Overview Detailed description Timeline of disclosure Thanks & Acknowledgements Reference...
WordPress WPvivid Backup Path Traversal
===== Tempest Security Intelligence - ADV-15/2022 ========================== Wordpress plugin - WPvivid Backup - Version 0.9.76 Author: Rodolfo Tavares Tempest Security Intelligence - Recife, Pernambuco - Brazil ===== Table of Contents================================================== Overview...
CVE-2022-2863 WPvivid Backup < 0.9.76 - Admin+ Arbitrary File Read
The Migration, Backup, Staging WordPress plugin before 0.9.76 does not sanitise and validate a parameter before using it to read the content of a file, allowing high privilege users to read any file from the web server via a Traversal attack...
CVE-2022-2863
Summary (CVE-2022-2863): The WordPress plugin WPvivid Backup (Migration, Backup, Staging) before version 0.9.76 is affected by a local file inclusion vulnerability. The issue arises because the plugin does not sanitize/validate a parameter before using it to read a file, enabling high-privilege u...