2 matches found
CVE-2024-5551 WP STAGING PRO - Backup Duplicator & Migration <= 5.6.0 - Cross-Site Request Forgery to Limited Local File Inclusion
The WP STAGING Pro WordPress Backup Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.6.0. This is due to missing or incorrect nonce validation on the 'sub' parameter called from the WP STAGING WordPress Backup Plugin - Backup Duplicat...
WordPress Wp Staging Pro Plugin <= 5.6.0 is vulnerable to Local File Inclusion
Software Wp Staging Pro Type Plugin Vulnerable versions = 5.6.0 Fixed in 5.6.1 OWASP Top 10 A1: Injection Classification Local File Inclusion CVE CVE-2024-5551 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID 9b2908e7bf24 Credits stealthcopter Required privilege...