CVE-2024-48020

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in revmakx Backup and Staging by WP Time Capsule wp-time-capsule allows SQL Injection.This issue affects Backup and Staging by WP Time Capsule: from n/a through = 1.22.21...

CVE-2024-8856

The Backup and Staging by WP Time Capsule plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the the UploadHandler.php file and no direct file access prevention in all versions up to, and including, 1.22.21. This makes it possible for unauthenticat...

PT-2024-33637 · Wp Time Capsule · Backup/Staging By Wp Time Capsule

Name of the Vulnerable Software and Affected Versions: Backup and Staging by WP Time Capsule versions 1.22.21 and earlier Description: The issue is related to Deserialization of Untrusted Data, which allows Object Injection. Recommendations: For versions 1.22.21 and earlier, update to a version...

WordPress Backup and Staging by WP Time Capsule plugin <= 1.22.21 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Hakiduck Patchstack Alliance in WordPress Plugin Backup and Staging by WP Time Capsule versions = 1.22.21...

PT-2024-32937 · Wp Time Capsule · Revmakx Backup/Staging

Name of the Vulnerable Software and Affected Versions: Revmakx Backup and Staging by WP Time Capsule versions 1.22.21 and earlier Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL...

WordPress Backup and Staging by WP Time Capsule Plugin <= 1.22.21 is vulnerable to SQL Injection

Software Backup and Staging by WP Time Capsule Type Plugin Vulnerable versions = 1.22.21 Fixed in 1.22.22 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-48020 Patch priority Low CVSS severity Low 8.5 Developer Claim ownership PSID 257cfd27ce2c Credits Hakiduck Required...