137 matches found
WordPress Backup and Staging by WP Time Capsule plugin <= 1.22.21 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Hakiduck Patchstack Alliance in WordPress Plugin Backup and Staging by WP Time Capsule versions = 1.22.21...
WordPress Backup and Restore WordPress Plugin <= 1.50 is vulnerable to Cross Site Request Forgery (CSRF)
Software Backup and Restore WordPress Type Plugin Vulnerable versions = 1.50 Fixed in N/A OWASP Top 10 A4: Insecure Design Classification Cross Site Request Forgery CSRF CVE CVE-2024-43269 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID bdf38dd59af4 Credits Ananda Dhakal...
CVE-2024-38770 WordPress Backup and Staging by WP Time Capsule plugin <= 1.22.20 - Authentication Bypass and Privilege Escalation Vulnerability
Improper Privilege Management vulnerability in Revmakx Backup and Staging by WP Time Capsule allows Privilege Escalation, Authentication Bypass.This issue affects Backup and Staging by WP Time Capsule: from n/a through 1.22.20...
Exploit for CVE-2023-6553
CVE-2023-6553 Due to a incorrect include statement in the "...
CVE-2024-5551
The WP STAGING Pro WordPress Backup Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.6.0. This is due to missing or incorrect nonce validation on the 'sub' parameter called from the WP STAGING WordPress Backup Plugin - Backup Duplicat...
CVE-2024-5551
CVE-2024-5551 affects the WP STAGING Pro WordPress Backup Plugin. The vulnerability is a Cross-Site Forgery (CSRF) issue caused by missing/incorrect nonce validation on the sub parameter, allowing unauthenticated attackers to trigger actions that end in Local File Inclusion of files ending with -...
CVE-2024-3412
The WP STAGING WordPress Backup Plugin – Migration Backup Restore plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the wpstgprocessing AJAX action in all versions up to, and including, 3.4.3. This makes it possible for authenticated attackers, wi...
CVE-2024-3412
CVE-2024-3412 affects the WP STAGING WordPress Backup Plugin – Migration Backup Restore. It is vulnerable in versions
WordPress WordPress Backup & Migration Plugin <= 1.4.8 is vulnerable to Broken Access Control
Software WordPress Backup & Migration Type Plugin Vulnerable versions = 1.4.8 Fixed in 1.4.9 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-3546 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 7fb4d86b8e12 Credits Krzysztof Zając...
WordPress Backup Migration plugin <= 1.4.3 - Sensitive Data Exposure via Log vulnerability
Sensitive Data Exposure via Log vulnerability discovered by emad Patchstack Alliance in WordPress Plugin Backup Migration versions = 1.4.3...
WordPress Plugin WP STAGING WordPress Backup 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress Plugin WP STAGING...
WordPress Backup Migration Plugin <= 1.4.3 is vulnerable to Sensitive Data Exposure
Software Backup Migration Type Plugin Vulnerable versions = 1.4.3 Fixed in 1.4.4 OWASP Top 10 A9: Security Logging and Monitoring Failures Classification Sensitive Data Exposure CVE CVE-2024-32686 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 6f8f6222b4f0 Credits emad...
PT-2024-19666 · WordPress · Wp Staging Pro +1
Name of the Vulnerable Software and Affected Versions: WP STAGING WordPress Backup Plugin versions prior to 3.4.0 wp-staging-pro WordPress plugin versions prior to 5.4.0 Description: The issue concerns the lack of sanitization and escaping of certain settings in the WP STAGING WordPress Backup...
CVE-2024-31254
Insertion of Sensitive Information into Log File vulnerability in WebToffee WordPress Backup & Migration.This issue affects WordPress Backup & Migration: from n/a through 1.4.7...
WordPress WordPress Backup & Migration plugin <= 1.4.7 - Sensitive Data Exposure via Log File vulnerability
Sensitive Data Exposure via Log File vulnerability discovered by Joshua Chan Patchstack Alliance in WordPress Plugin WordPress Backup & Migration versions = 1.4.7...
WordPress Backup Bolt Plugin <= 1.3.0 is vulnerable to Sensitive Data Exposure
Software Backup Bolt Type Plugin Vulnerable versions = 1.3.0 Fixed in 1.4.0 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2023-7236 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID dd36f15c489e Credits Dmitrii Ignatyev Required...
WordPress Backup Plugin < 2.0.9.9 is vulnerable to Sensitive Data Exposure
Software Backup Type Plugin Vulnerable versions 2.0.9.9 Fixed in 2.0.9.9 OWASP Top 10 A5: Security Misconfiguration Classification Sensitive Data Exposure CVE CVE-2023-7165 Patch priority Low CVSS severity Low 7.5 Developer Claim ownership PSID 23a451d4f975 Credits Dmitrii Ignatyev Required...
Total Upkeep < 1.15.9 - Improper Authorization to Unauthenticated Arbitrary File Download
Description The Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid plugin for WordPress is vulnerable to unauthorized access of data due to an improper authorization check in all versions up to, and including, 1.15.8. This makes it possible for unauthenticated attackers to...
CVE-2023-7204
The WP STAGING WordPress Backup plugin before 3.2.0 allows access to cache files during the cloning process which provides...
CVE-2023-7204 WP STAGING WordPress Backup Plugin < 3.2.0 - Unauthorized Sensitive Data Exposure
The WP STAGING WordPress Backup plugin before 3.2.0 allows access to cache files during the cloning process which provides...