CVE-2025-3104

The WP STAGING Pro WordPress Backup Plugin for WordPress is vulnerable to Information Exposure in all versions up to and including 6.1.2 due to missing capability checks on the getOutdatedPluginsRequest function. This makes it possible for unauthenticated attackers to reveal outdated installed...

CVE-2025-3104 WP Staging Pro <= 6.1.2 - Unauthenticated Information Exposure via getOutdatedPluginsRequest Function

The WP STAGING Pro WordPress Backup Plugin for WordPress is vulnerable to Information Exposure in all versions up to and including 6.1.2 due to missing capability checks on the getOutdatedPluginsRequest function. This makes it possible for unauthenticated attackers to reveal outdated installed...

CVE-2025-3104

CVE-2025-3104 affects the WP STAGING Pro WordPress Backup Plugin for WordPress (versions up to 6.1.2). The issue arises from missing capability checks in getOutdatedPluginsRequest(), enabling unauthenticated disclosure of outdated installed plugins. Impact is information exposure; CVSS 3.1 base s...

CVE-2025-3104 WP Staging Pro <= 6.1.2 - Unauthenticated Information Exposure via getOutdatedPluginsRequest Function

The WP STAGING Pro WordPress Backup Plugin for WordPress is vulnerable to Information Exposure in all versions up to and including 6.1.2 due to missing capability checks on the getOutdatedPluginsRequest function. This makes it possible for unauthenticated attackers to reveal outdated installed...

WordPress WP Staging Pro plugin <= 6.1.2 - Unauthenticated Information Exposure via getOutdatedPluginsRequest Function vulnerability

Unauthenticated Information Exposure via getOutdatedPluginsRequest Function vulnerability discovered by haidv35 in WordPress Plugin Wp Staging Pro versions = 6.1.2...

CVE-2024-5551

The WP STAGING Pro WordPress Backup Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.6.0. This is due to missing or incorrect nonce validation on the 'sub' parameter called from the WP STAGING WordPress Backup Plugin - Backup Duplicat...

CVE-2024-5551

The WP STAGING Pro WordPress Backup Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.6.0. This is due to missing or incorrect nonce validation on the 'sub' parameter called from the WP STAGING WordPress Backup Plugin - Backup Duplicat...

CVE-2024-5551

CVE-2024-5551 affects the WP STAGING Pro WordPress Backup Plugin. The vulnerability is a Cross-Site Forgery (CSRF) issue caused by missing/incorrect nonce validation on the sub parameter, allowing unauthenticated attackers to trigger actions that end in Local File Inclusion of files ending with -...

CVE-2024-5551 WP STAGING PRO - Backup Duplicator & Migration <= 5.6.0 - Cross-Site Request Forgery to Limited Local File Inclusion

The WP STAGING Pro WordPress Backup Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.6.0. This is due to missing or incorrect nonce validation on the 'sub' parameter called from the WP STAGING WordPress Backup Plugin - Backup Duplicat...

Wordpress Wp Staging Pro plugin <= 5.6.0 - Cross-Site Request Forgery to Limited Local File Inclusion vulnerability

Cross-Site Request Forgery to Limited Local File Inclusion vulnerability discovered by stealthcopter in WordPress Plugin Wp Staging Pro versions = 5.6.0...

WordPress Wp Staging Pro Plugin <= 5.6.0 is vulnerable to Local File Inclusion

Software Wp Staging Pro Type Plugin Vulnerable versions = 5.6.0 Fixed in 5.6.1 OWASP Top 10 A1: Injection Classification Local File Inclusion CVE CVE-2024-5551 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID 9b2908e7bf24 Credits stealthcopter Required privilege...

WordPress plugin WP STAGING Pro WordPress Backup Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin WP STAGING...

WordPress WP STAGING Pro plugin <= 5.4.3 - Sensitive Information Exposure via Log File vulnerability

Sensitive Information Exposure via Log File vulnerability discovered by haidv35 in WordPress Plugin Wp Staging Pro versions = 5.4.3...

WordPress Wp Staging Pro Plugin <= 5.4.3 is vulnerable to Sensitive Data Exposure

Software Wp Staging Pro Type Plugin Vulnerable versions = 5.4.3 Fixed in 5.5.0 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-3682 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID eb5b93b83c9e Credits haidv35 Required privilege...

WordPress Wp Staging Pro Plugin < 5.4.0 is vulnerable to Cross Site Scripting (XSS)

Software Wp Staging Pro Type Plugin Vulnerable versions 5.4.0 Fixed in 5.4.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2309 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 5ceb32027563 Credits Dmitrii Ignatyev Required...