2 matches found
WordPress WPvivid Backup and Migration Plugin <= 0.9.99 is vulnerable to PHP Object Injection
Software WPvivid Backup and Migration Type Plugin Vulnerable versions = 0.9.99 Fixed in 0.9.100 OWASP Top 10 A1: Injection Classification PHP Object Injection CVE CVE-2024-3054 Patch priority Low CVSS severity Low 4.4 Developer Claim ownership PSID 2efae3e5e650 Credits Maksim Kosenko Required...
CVE-2024-3054
WPvivid Backup & Migration Plugin for WordPress is vulnerable to PHAR Deserialization in all versions up to, and including, 0.9.99 via deserialization of untrusted input at the wpvividstggetcustomexcludepathfree action. This is due to the plugin not providing sufficient path validation on the...