CVE-2025-8490

CVE-2025-8490 refers to the All-in-One WP Migration and Backup plugin for WordPress, with a stored cross-site scripting (XSS) flaw in the Import path affecting versions up to 7.97. The issue requires authenticated access at administrator level and affects multi-site installations or sites where u...

WordPress All-in-One WP Migration and Backup plugin <= 7.97 - Authenticated (Administrator+) Stored Cross-Site Scripting via Import vulnerability

Authenticated Administrator+ Stored Cross-Site Scripting via Import vulnerability discovered by Jack Pas Dark. in WordPress Plugin All-in-One WP Migration versions = 7.97...