Lucene search
K

137 matches found

Patchstack
Patchstack
added 2024/10/21 9:27 a.m.4 views

WordPress Backup and Staging by WP Time Capsule plugin <= 1.22.21 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Hakiduck Patchstack Alliance in WordPress Plugin Backup and Staging by WP Time Capsule versions = 1.22.21...

7.2CVSS7.3AI score0.00516EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/08/12 12:0 a.m.11 views

WordPress Backup and Restore WordPress Plugin <= 1.50 is vulnerable to Cross Site Request Forgery (CSRF)

Software Backup and Restore WordPress Type Plugin Vulnerable versions = 1.50 Fixed in N/A OWASP Top 10 A4: Insecure Design Classification Cross Site Request Forgery CSRF CVE CVE-2024-43269 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID bdf38dd59af4 Credits Ananda Dhakal...

4.3CVSS6.7AI score0.00172EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/08/01 8:57 p.m.16 views

CVE-2024-38770 WordPress Backup and Staging by WP Time Capsule plugin <= 1.22.20 - Authentication Bypass and Privilege Escalation Vulnerability

Improper Privilege Management vulnerability in Revmakx Backup and Staging by WP Time Capsule allows Privilege Escalation, Authentication Bypass.This issue affects Backup and Staging by WP Time Capsule: from n/a through 1.22.20...

9.8CVSS9.8AI score0.00535EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2024/06/29 5:1 p.m.344 views

Exploit for CVE-2023-6553

CVE-2023-6553 Due to a incorrect include statement in the "...

9.8CVSS8.2AI score0.97846EPSS
Exploits14
NVD
NVD
added 2024/06/14 6:15 a.m.29 views

CVE-2024-5551

The WP STAGING Pro WordPress Backup Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.6.0. This is due to missing or incorrect nonce validation on the 'sub' parameter called from the WP STAGING WordPress Backup Plugin - Backup Duplicat...

8.8CVSS0.0028EPSS
Exploits0References3
CVE
CVE
added 2024/06/14 5:39 a.m.65 views

CVE-2024-5551

CVE-2024-5551 affects the WP STAGING Pro WordPress Backup Plugin. The vulnerability is a Cross-Site Forgery (CSRF) issue caused by missing/incorrect nonce validation on the sub parameter, allowing unauthenticated attackers to trigger actions that end in Local File Inclusion of files ending with -...

8.8CVSS7.4AI score0.0028EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2024/05/29 9:15 a.m.17 views

CVE-2024-3412

The WP STAGING WordPress Backup Plugin – Migration Backup Restore plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the wpstgprocessing AJAX action in all versions up to, and including, 3.4.3. This makes it possible for authenticated attackers, wi...

9.1CVSS9.4AI score0.00788EPSS
Exploits0References2
CVE
CVE
added 2024/05/29 8:30 a.m.76 views

CVE-2024-3412

CVE-2024-3412 affects the WP STAGING WordPress Backup Plugin – Migration Backup Restore. It is vulnerable in versions

9.1CVSS9.4AI score0.00788EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/04/23 12:0 a.m.17 views

WordPress WordPress Backup & Migration Plugin <= 1.4.8 is vulnerable to Broken Access Control

Software WordPress Backup & Migration Type Plugin Vulnerable versions = 1.4.8 Fixed in 1.4.9 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-3546 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 7fb4d86b8e12 Credits Krzysztof Zając...

4.3CVSS6.6AI score0.00491EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/04/17 2:21 p.m.6 views

WordPress Backup Migration plugin <= 1.4.3 - Sensitive Data Exposure via Log vulnerability

Sensitive Data Exposure via Log vulnerability discovered by emad Patchstack Alliance in WordPress Plugin Backup Migration versions = 1.4.3...

5.3CVSS7AI score0.00443EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2024/04/17 12:0 a.m.5 views

WordPress Plugin WP STAGING WordPress Backup 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress Plugin WP STAGING...

4.8CVSS8.2AI score0.00423EPSS
Exploits2References2
Patchstack
Patchstack
added 2024/04/17 12:0 a.m.10 views

WordPress Backup Migration Plugin <= 1.4.3 is vulnerable to Sensitive Data Exposure

Software Backup Migration Type Plugin Vulnerable versions = 1.4.3 Fixed in 1.4.4 OWASP Top 10 A9: Security Logging and Monitoring Failures Classification Sensitive Data Exposure CVE CVE-2024-32686 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 6f8f6222b4f0 Credits emad...

5.3CVSS6.5AI score0.00443EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2024/04/14 12:0 a.m.9 views

PT-2024-19666 · WordPress · Wp Staging Pro +1

Name of the Vulnerable Software and Affected Versions: WP STAGING WordPress Backup Plugin versions prior to 3.4.0 wp-staging-pro WordPress plugin versions prior to 5.4.0 Description: The issue concerns the lack of sanitization and escaping of certain settings in the WP STAGING WordPress Backup...

4.8CVSS8.2AI score0.00423EPSS
Exploits2References8
NVD
NVD
added 2024/04/10 4:15 p.m.29 views

CVE-2024-31254

Insertion of Sensitive Information into Log File vulnerability in WebToffee WordPress Backup & Migration.This issue affects WordPress Backup & Migration: from n/a through 1.4.7...

7.5CVSS4.2AI score0.00482EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/04/05 7:9 a.m.7 views

WordPress WordPress Backup & Migration plugin <= 1.4.7 - Sensitive Data Exposure via Log File vulnerability

Sensitive Data Exposure via Log File vulnerability discovered by Joshua Chan Patchstack Alliance in WordPress Plugin WordPress Backup & Migration versions = 1.4.7...

7.5CVSS7AI score0.00482EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/03/19 12:0 a.m.18 views

WordPress Backup Bolt Plugin <= 1.3.0 is vulnerable to Sensitive Data Exposure

Software Backup Bolt Type Plugin Vulnerable versions = 1.3.0 Fixed in 1.4.0 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2023-7236 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID dd36f15c489e Credits Dmitrii Ignatyev Required...

6.5AI score0.0055EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2024/02/27 12:0 a.m.15 views

WordPress Backup Plugin < 2.0.9.9 is vulnerable to Sensitive Data Exposure

Software Backup Type Plugin Vulnerable versions 2.0.9.9 Fixed in 2.0.9.9 OWASP Top 10 A5: Security Misconfiguration Classification Sensitive Data Exposure CVE CVE-2023-7165 Patch priority Low CVSS severity Low 7.5 Developer Claim ownership PSID 23a451d4f975 Credits Dmitrii Ignatyev Required...

7.5CVSS6.5AI score0.01915EPSS
Exploits2References3Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/06 12:0 a.m.26 views

Total Upkeep < 1.15.9 - Improper Authorization to Unauthenticated Arbitrary File Download

Description The Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid plugin for WordPress is vulnerable to unauthorized access of data due to an improper authorization check in all versions up to, and including, 1.15.8. This makes it possible for unauthenticated attackers to...

5CVSS7.1AI score0.00658EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2024/01/29 3:15 p.m.2 views

CVE-2023-7204

The WP STAGING WordPress Backup plugin before 3.2.0 allows access to cache files during the cloning process which provides...

7.5CVSS7.3AI score0.00644EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2024/01/29 2:44 p.m.13 views

CVE-2023-7204 WP STAGING WordPress Backup Plugin < 3.2.0 - Unauthorized Sensitive Data Exposure

The WP STAGING WordPress Backup plugin before 3.2.0 allows access to cache files during the cloning process which provides...

6.8AI score0.00644EPSS
Exploits2References1
Rows per page
Query Builder