3 matches found
CVE-2023-4637
The WPvivid plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the restore and getrestoreprogress function in versions up to, and including, 0.9.94. This makes it possible for unauthenticated attackers to invoke these functions and obtain full...
CVE-2023-4637
CVE-2023-4637 affects the WPvivid Backup and Migration WordPress plugin. A missing capability check in restore() and get_restore_progress() in versions up to 0.9.94 allows unauthenticated attackers with a backup ID to invoke these functions and obtain full file paths, exposing Information Exposur...
WordPress WPvivid Backup and Migration Plugin <= 0.9.94 is vulnerable to Broken Access Control
Software WPvivid Backup and Migration Type Plugin Vulnerable versions = 0.9.94 Fixed in 0.9.95 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-4637 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 9fe28924b5f3 Credits Revan Arifio...