3 matches found
CVE-2024-9461 Total Upkeep <= 1.16.6 - Authenticated (Administrator+) Remote Code Execution via Backup Settings
The Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.16.6 via the croninterval parameter. This is due to missing input validation and sanitization. This makes it possible f...
CVE-2024-9461 Total Upkeep <= 1.16.6 - Authenticated (Administrator+) Remote Code Execution via Backup Settings
The Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.16.6 via the croninterval parameter. This is due to missing input validation and sanitization. This makes it possible f...
WordPress Total Upkeep Plugin <= 1.16.6 is vulnerable to Remote Code Execution (RCE)
Software Total Upkeep Type Plugin Vulnerable versions = 1.16.6 Fixed in 1.16.7 OWASP Top 10 A1: Injection Classification Remote Code Execution RCE CVE CVE-2024-9461 Patch priority Low CVSS severity Low 9.1 Developer Claim ownership PSID 5d87f5849942 Credits Jonas Benjamin Friedli Required privile...