Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 4:26 a.m.9 views

CVE-2024-9162

The All-in-One WP Migration and Backup plugin for WordPress is vulnerable to arbitrary PHP Code Injection due to missing file type validation during the export in all versions up to, and including, 7.86. This makes it possible for authenticated attackers, with Administrator-level access and above...

7.2CVSS8AI score0.02668EPSS
Exploits1References1
NVD
NVD
added 2024/10/28 6:15 a.m.17 views

CVE-2024-9162

The All-in-One WP Migration and Backup plugin for WordPress is vulnerable to arbitrary PHP Code Injection due to missing file type validation during the export in all versions up to, and including, 7.86. This makes it possible for authenticated attackers, with Administrator-level access and above...

7.2CVSS0.02668EPSS
Exploits1References5
CVE
CVE
added 2024/10/28 5:32 a.m.71 views

CVE-2024-9162

The CVE CVE-2024-9162 affects All-in-One WP Migration and Backup for WordPress. It enables arbitrary PHP code injection during export due to missing file-type validation in versions up to 7.86, requiring Administrator+ authentication to craft a .php export file which may lead to remote code execu...

7.2CVSS7.6AI score0.02668EPSS
Exploits1References5
Patchstack
Patchstack
added 2024/10/28 12:0 a.m.19 views

WordPress All-in-One WP Migration Plugin <= 7.86 is vulnerable to PHP Object Injection

Software All-in-One WP Migration Type Plugin Vulnerable versions = 7.86 Fixed in 7.87 OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2024-9162 Patch priority Low CVSS severity Low 7.2 Developer ServMask, Inc PSID 44c4c1ddd033 Credits Ryan Kozak Required privilege...

7.2CVSS6.9AI score0.02668EPSS
Exploits1References3Affected Software1
GithubExploit
GithubExploit
added 2024/09/29 7:34 p.m.568 views

Exploit for CVE-2024-9162

CVE-2024-9162 All-in-One WP Migration and Backup SELECT op...

7.2CVSS6.4AI score0.02668EPSS
Exploits1
Rows per page
Query Builder