Lucene search
K

98 matches found

NVD
NVD
added 2025/01/24 6:15 p.m.8 views

CVE-2025-24652

Missing Authorization vulnerability in revmakx WP Duplicate local-sync allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Duplicate: from n/a through = 1.1.6...

5.4CVSS0.00413EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/01/24 5:24 p.m.8 views

CVE-2025-24652 WordPress WP Duplicate plugin <= 1.1.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in Revmakx WP Duplicate – WordPress Migration Plugin allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Duplicate – WordPress Migration Plugin: from n/a through 1.1.6...

5.4CVSS7.1AI score0.00413EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/01/24 12:0 a.m.7 views

WordPress plugin WP Duplicate – WordPress Migration Plugin 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin WP Duplica...

5.4CVSS8.4AI score0.00413EPSS
Exploits0References2
CVE
CVE
added 2025/01/04 7:24 a.m.61 views

CVE-2024-10932

CVE-2024-10932 (Backup Migration, WordPress) Vulnerability: unauthenticated PHP Object Injection via deserialization in recursive_unserialize_replace, affecting all versions up to 1.4.6. Exploit can inject a PHP object; when a POP chain is present, an attacker can delete arbitrary files, retrieve...

8.8CVSS8.9AI score0.0079EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/01/02 11:59 a.m.7 views

CVE-2023-45636 WordPress Backup & Migration plugin <= 1.4.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in WebToffee WordPress Backup & Migration wp-migration-duplicator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress Backup & Migration: from n/a through = 1.4.1...

5.4CVSS7.3AI score0.00366EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/13 12:0 a.m.3 views

WordPress plugin WordPress Backup & Migration 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

4.3CVSS8.6AI score0.00502EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/11/14 7:34 a.m.5 views

WordPress Migration, Backup, Staging – WPvivid plugin <= 0.9.107 - Unauthenticated PHP Object Injection vulnerability

Unauthenticated PHP Object Injection vulnerability discovered by Webbernaut in WordPress Plugin WPvivid Backup and Migration versions = 0.9.107...

8.8CVSS7.3AI score0.00635EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/11/14 12:0 a.m.4 views

PT-2024-16666 · WordPress · Migration

Name of the Vulnerable Software and Affected Versions: Migration, Backup, Staging – WPvivid plugin for WordPress versions up to, and including, 0.9.107 Description: The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to PHP Object Injection via deserialization of untrusted...

8.8CVSS9.9AI score0.00635EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2024/10/01 12:0 a.m.6 views

PT-2024-38261 · WordPress · Migration

Name of the Vulnerable Software and Affected Versions: Migration, Backup, Staging WordPress plugin versions prior to 0.9.106 Description: The issue concerns the insufficient randomness in filenames created during backup generation, which could be bruteforced by attackers to leak sensitive...

7.5CVSS6.3AI score0.00574EPSS
Exploits1References8
Patchstack
Patchstack
added 2024/09/12 6:23 a.m.6 views

WordPress Migration, Backup, Staging – WPvivid plugin < 0.9.106 - Unauthenticated Sensitive Data Exposure vulnerability

Unauthenticated Sensitive Data Exposure vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin WPvivid Backup and Migration versions 0.9.106...

7.5CVSS7AI score0.00574EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2024/05/17 12:0 a.m.4 views

WordPress plugin WPvivid Backup and Migration 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

8.8CVSS8.2AI score0.00576EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/04/18 10:31 a.m.21 views

CVE-2024-32686 WordPress Backup Migration plugin <= 1.4.3 - Sensitive Data Exposure via Log vulnerability

Insertion of Sensitive Information into Log File vulnerability in Inisev Backup Migration.This issue affects Backup Migration: from n/a through 1.4.3...

5.3CVSS5.6AI score0.00443EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/04/18 12:0 a.m.3 views

WordPress Plugin Backup Migration 日志信息泄露漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A log information...

5.3CVSS6AI score0.00443EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/04/17 12:0 a.m.10 views

WordPress Backup Migration Plugin <= 1.4.3 is vulnerable to Sensitive Data Exposure

Software Backup Migration Type Plugin Vulnerable versions = 1.4.3 Fixed in 1.4.4 OWASP Top 10 A9: Security Logging and Monitoring Failures Classification Sensitive Data Exposure CVE CVE-2024-32686 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 6f8f6222b4f0 Credits emad...

5.3CVSS6.5AI score0.00443EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2024/04/15 9:15 a.m.25 views

CVE-2024-32096

Cross-Site Request Forgery CSRF vulnerability in DAEV.Tech WP Migration Plugin DB & Files – WP Synchro.This issue affects WP Migration Plugin DB & Files – WP Synchro: from n/a through 1.11.2...

5.4CVSS5.5AI score0.00209EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/15 8:55 a.m.23 views

CVE-2024-32096 WordPress WP Synchro plugin <= 1.11.2 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in DAEV.Tech WP Migration Plugin DB & Files – WP Synchro.This issue affects WP Migration Plugin DB & Files – WP Synchro: from n/a through 1.11.2...

5.4CVSS5.7AI score0.00209EPSS
Exploits0References1
CVE
CVE
added 2024/04/15 8:55 a.m.68 views

CVE-2024-32096

CVE-2024-32096 describes a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress plugin WP Synchro (WP Synchro) , affecting versions from n/a through 1.11.2 . The connected documents confirm CSRF involvement but do not provide concrete exploit details, affected subcomponents, root caus...

5.4CVSS5.2AI score0.00209EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/04/12 12:0 a.m.16 views

WPvivid Backup & Migration Plugin < 0.9.100 - Admin+ PHAR Deserialization

Description The plugin is vulnerable to PHAR Deserialization in all versions up to, and including, 0.9.99 via deserialization of untrusted input at the wpvividstggetcustomexcludepathfree action. This is due to the plugin not providing sufficient path validation on the treenodenodeid parameter. Th...

7.2CVSS7.1AI score0.41543EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/04/12 12:0 a.m.9 views

PT-2024-23469 · WordPress · Wpvivid Backup & Migration Plugin

Name of the Vulnerable Software and Affected Versions: WPvivid Backup & Migration Plugin for WordPress versions up to, and including, 0.9.99 Description: The issue arises from insufficient path validation on the tree nodenodeid parameter, allowing authenticated attackers with admin-level access a...

7.2CVSS6.8AI score0.41543EPSS
Exploits0References5
Patchstack
Patchstack
added 2024/04/05 7:9 a.m.7 views

WordPress WordPress Backup & Migration plugin <= 1.4.7 - Sensitive Data Exposure via Log File vulnerability

Sensitive Data Exposure via Log File vulnerability discovered by Joshua Chan Patchstack Alliance in WordPress Plugin WordPress Backup & Migration versions = 1.4.7...

7.5CVSS7AI score0.00482EPSS
Exploits0Affected Software1
Rows per page
Query Builder