98 matches found
CVE-2025-24652
Missing Authorization vulnerability in revmakx WP Duplicate local-sync allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Duplicate: from n/a through = 1.1.6...
CVE-2025-24652 WordPress WP Duplicate plugin <= 1.1.6 - Broken Access Control vulnerability
Missing Authorization vulnerability in Revmakx WP Duplicate – WordPress Migration Plugin allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Duplicate – WordPress Migration Plugin: from n/a through 1.1.6...
WordPress plugin WP Duplicate – WordPress Migration Plugin 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin WP Duplica...
CVE-2024-10932
CVE-2024-10932 (Backup Migration, WordPress) Vulnerability: unauthenticated PHP Object Injection via deserialization in recursive_unserialize_replace, affecting all versions up to 1.4.6. Exploit can inject a PHP object; when a POP chain is present, an attacker can delete arbitrary files, retrieve...
CVE-2023-45636 WordPress Backup & Migration plugin <= 1.4.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in WebToffee WordPress Backup & Migration wp-migration-duplicator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress Backup & Migration: from n/a through = 1.4.1...
WordPress plugin WordPress Backup & Migration 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
WordPress Migration, Backup, Staging – WPvivid plugin <= 0.9.107 - Unauthenticated PHP Object Injection vulnerability
Unauthenticated PHP Object Injection vulnerability discovered by Webbernaut in WordPress Plugin WPvivid Backup and Migration versions = 0.9.107...
PT-2024-16666 · WordPress · Migration
Name of the Vulnerable Software and Affected Versions: Migration, Backup, Staging – WPvivid plugin for WordPress versions up to, and including, 0.9.107 Description: The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to PHP Object Injection via deserialization of untrusted...
PT-2024-38261 · WordPress · Migration
Name of the Vulnerable Software and Affected Versions: Migration, Backup, Staging WordPress plugin versions prior to 0.9.106 Description: The issue concerns the insufficient randomness in filenames created during backup generation, which could be bruteforced by attackers to leak sensitive...
WordPress Migration, Backup, Staging – WPvivid plugin < 0.9.106 - Unauthenticated Sensitive Data Exposure vulnerability
Unauthenticated Sensitive Data Exposure vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin WPvivid Backup and Migration versions 0.9.106...
WordPress plugin WPvivid Backup and Migration 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
CVE-2024-32686 WordPress Backup Migration plugin <= 1.4.3 - Sensitive Data Exposure via Log vulnerability
Insertion of Sensitive Information into Log File vulnerability in Inisev Backup Migration.This issue affects Backup Migration: from n/a through 1.4.3...
WordPress Plugin Backup Migration 日志信息泄露漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A log information...
WordPress Backup Migration Plugin <= 1.4.3 is vulnerable to Sensitive Data Exposure
Software Backup Migration Type Plugin Vulnerable versions = 1.4.3 Fixed in 1.4.4 OWASP Top 10 A9: Security Logging and Monitoring Failures Classification Sensitive Data Exposure CVE CVE-2024-32686 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 6f8f6222b4f0 Credits emad...
CVE-2024-32096
Cross-Site Request Forgery CSRF vulnerability in DAEV.Tech WP Migration Plugin DB & Files – WP Synchro.This issue affects WP Migration Plugin DB & Files – WP Synchro: from n/a through 1.11.2...
CVE-2024-32096 WordPress WP Synchro plugin <= 1.11.2 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in DAEV.Tech WP Migration Plugin DB & Files – WP Synchro.This issue affects WP Migration Plugin DB & Files – WP Synchro: from n/a through 1.11.2...
CVE-2024-32096
CVE-2024-32096 describes a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress plugin WP Synchro (WP Synchro) , affecting versions from n/a through 1.11.2 . The connected documents confirm CSRF involvement but do not provide concrete exploit details, affected subcomponents, root caus...
WPvivid Backup & Migration Plugin < 0.9.100 - Admin+ PHAR Deserialization
Description The plugin is vulnerable to PHAR Deserialization in all versions up to, and including, 0.9.99 via deserialization of untrusted input at the wpvividstggetcustomexcludepathfree action. This is due to the plugin not providing sufficient path validation on the treenodenodeid parameter. Th...
PT-2024-23469 · WordPress · Wpvivid Backup & Migration Plugin
Name of the Vulnerable Software and Affected Versions: WPvivid Backup & Migration Plugin for WordPress versions up to, and including, 0.9.99 Description: The issue arises from insufficient path validation on the tree nodenodeid parameter, allowing authenticated attackers with admin-level access a...
WordPress WordPress Backup & Migration plugin <= 1.4.7 - Sensitive Data Exposure via Log File vulnerability
Sensitive Data Exposure via Log File vulnerability discovered by Joshua Chan Patchstack Alliance in WordPress Plugin WordPress Backup & Migration versions = 1.4.7...