9 matches found
WordPress WPvivid Backup & Migration Plugin <= 0.9.116 - Authenticated Arbitrary File Upload
The Migration, Backup, Staging – WPvivid Backup & Migration plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'wpvividuploadimportfiles' function in all versions up to, and including, 0.9.116. id: CVE-2025-5961 info: name: WordPress WPvivid...
CVE-2025-5961
The Migration, Backup, Staging – WPvivid Backup & Migration plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'wpvividuploadimportfiles' function in all versions up to, and including, 0.9.116. This makes it possible for authenticated attackers...
CVE-2025-5961
creationtimestamp| type| source ---|---|--- 2025-07-04 15:00:06+00:00| published-proof-of-concept| Telegram/itekV7Xkp3Ho6cERYVofdzlaqFgFj-j1LEcvC2Ybxwbi8 2025-07-04 15:00:11+00:00| published-proof-of-concept| Telegram/89WmPgC2SHosMsiUrRK7pT8KuQvaqUcBa2DausPuvIklXc 2025-07-25 21:02:24+00:00| seen|...
WordPress Migration, Backup, Staging – WPvivid Backup & Migration plugin <= 0.9.116 - Authenticated (Administrator+) Arbitrary File Upload vulnerability
Authenticated Administrator+ Arbitrary File Upload vulnerability discovered by Ryan Kozak in WordPress Plugin WPvivid Backup and Migration versions = 0.9.116...
CVE-2025-5961
The Migration, Backup, Staging – WPvivid Backup & Migration plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'wpvividuploadimportfiles' function in all versions up to, and including, 0.9.116. This makes it possible for authenticated attackers...
CVE-2025-5961
The CVE-2025-5961 entry concerns the WordPress WPvivid Backup & Migration plugin. Affected: plugin versions up to 0.9.116. Root cause: missing file type validation in wpvivid_upload_import_files, enabling authenticated attackers with Administrator-level access to upload arbitrary files to the ser...
CVE-2025-5961 Migration, Backup, Staging – WPvivid Backup & Migration <= 0.9.116 - Authenticated (Administrator+) Arbitrary File Upload
The Migration, Backup, Staging – WPvivid Backup & Migration plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'wpvividuploadimportfiles' function in all versions up to, and including, 0.9.116. This makes it possible for authenticated attackers...
CVE-2025-5961 Migration, Backup, Staging – WPvivid Backup & Migration <= 0.9.116 - Authenticated (Administrator+) Arbitrary File Upload
The Migration, Backup, Staging – WPvivid Backup & Migration plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'wpvividuploadimportfiles' function in all versions up to, and including, 0.9.116. This makes it possible for authenticated attackers...
Exploit for Unrestricted Upload of File with Dangerous Type in Wpvivid Migration\,_Backup\,_Staging
CVE-2025-5961 Migration, Backup, Staging – WPvivid Backup &...