5 matches found
CVE-2024-9162
The All-in-One WP Migration and Backup plugin for WordPress is vulnerable to arbitrary PHP Code Injection due to missing file type validation during the export in all versions up to, and including, 7.86. This makes it possible for authenticated attackers, with Administrator-level access and above...
CVE-2024-9162
The All-in-One WP Migration and Backup plugin for WordPress is vulnerable to arbitrary PHP Code Injection due to missing file type validation during the export in all versions up to, and including, 7.86. This makes it possible for authenticated attackers, with Administrator-level access and above...
CVE-2024-9162
The CVE CVE-2024-9162 affects All-in-One WP Migration and Backup for WordPress. It enables arbitrary PHP code injection during export due to missing file-type validation in versions up to 7.86, requiring Administrator+ authentication to craft a .php export file which may lead to remote code execu...
WordPress All-in-One WP Migration Plugin <= 7.86 is vulnerable to PHP Object Injection
Software All-in-One WP Migration Type Plugin Vulnerable versions = 7.86 Fixed in 7.87 OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2024-9162 Patch priority Low CVSS severity Low 7.2 Developer ServMask, Inc PSID 44c4c1ddd033 Credits Ryan Kozak Required privilege...
Exploit for CVE-2024-9162
CVE-2024-9162 All-in-One WP Migration and Backup SELECT op...