Lucene search
+L

70 matches found

NVD
NVD
added 2024/02/29 7:15 a.m.22 views

CVE-2024-1981

The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to SQL Injection via the 'tableprefix' parameter in version 0.9.68 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

9.8CVSS9.7AI score0.01075EPSS
Exploits1References3
Prion
Prion
added 2024/02/29 7:15 a.m.32 views

Sql injection

The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to SQL Injection via the 'tableprefix' parameter in version 0.9.68 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

7.5CVSS9.6AI score0.01075EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2024/02/29 6:47 a.m.17 views

CVE-2024-1981

The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to SQL Injection via the 'tableprefix' parameter in version 0.9.68 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

9.8CVSS9.7AI score0.01075EPSS
Exploits1References3
Cvelist
Cvelist
added 2024/02/29 6:47 a.m.23 views

CVE-2024-1981

The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to SQL Injection via the 'tableprefix' parameter in version 0.9.68 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

9.8CVSS9.8AI score0.01075EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2024/02/29 6:47 a.m.19 views

CVE-2024-1982 WPvivid Backup and Migration <= 0.9.68 - Missing Authorization

The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the getrestoreprogress and restore functions in all versions up to, and including, 0.9.68. This makes it possible for unauthenticated attackers to exploit a SQL...

6.5CVSS6.9AI score0.00832EPSS
Exploits1References3
Cvelist
Cvelist
added 2024/02/29 6:47 a.m.30 views

CVE-2024-1982 WPvivid Backup and Migration <= 0.9.68 - Missing Authorization

The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the getrestoreprogress and restore functions in all versions up to, and including, 0.9.68. This makes it possible for unauthenticated attackers to exploit a SQL...

6.5CVSS6.8AI score0.00832EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2024/02/29 12:0 a.m.4 views

PT-2024-18470 · WordPress · Wpvivid

Name of the Vulnerable Software and Affected Versions: Migration, Backup, Staging – WPvivid plugin for WordPress versions up to, and including, 0.9.68 Description: The issue is related to a missing capability check on the get restore progress and restore functions, allowing unauthorized access...

9.1CVSS9.7AI score0.00832EPSS
Exploits1References8
Vulnrichment
Vulnrichment
added 2024/02/05 9:21 p.m.14 views

CVE-2023-4637 WPvivid <= 0.9.94 - Missing Authorization

The WPvivid plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the restore and getrestoreprogress function in versions up to, and including, 0.9.94. This makes it possible for unauthenticated attackers to invoke these functions and obtain full...

4.3CVSS6.7AI score0.00615EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/02/05 12:0 a.m.6 views

PT-2024-13356 · WordPress · Wpvivid

Name of the Vulnerable Software and Affected Versions: WPvivid plugin for WordPress versions up to, and including, 0.9.94 Description: The issue is related to a missing capability check on the restore and get restore progress functions. This allows unauthenticated attackers to invoke these...

5.3CVSS6.2AI score0.00615EPSS
Exploits0References8
OpenVAS
OpenVAS
added 2023/10/26 12:0 a.m.34 views

WordPress Migration, Backup, Staging - WPvivid Plugin < 0.9.90 Multiple Vulnerabilities

The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wpvivid:migration%2cbackup%2cstaging"; ifdescription...

8.7CVSS6.9AI score0.01219EPSS
Exploits1References3
OSV
OSV
added 2023/10/20 8:15 a.m.5 views

CVE-2023-5121

The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings the backup path parameter in versions up to, and including, 0.9.89 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

4.8CVSS6.5AI score0.00333EPSS
Exploits0References2
Prion
Prion
added 2023/10/20 8:15 a.m.24 views

Cross site scripting

The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings the backup path parameter in versions up to, and including, 0.9.89 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

4.3CVSS4.6AI score0.00333EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/10/20 7:29 a.m.13 views

CVE-2023-5121 Migration, Backup, Staging – WPvivid <= 0.9.89 - Authenticated (Administrator+) Stored Cross-Site Scripting

The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings the backup path parameter in versions up to, and including, 0.9.89 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

4.4CVSS6.5AI score0.00333EPSS
Exploits0References2
CVE
CVE
added 2023/10/20 7:29 a.m.70 views

CVE-2023-5121

CVE-2023-5121 affects the WordPress plugin “Migration, Backup, Staging – WPvivid” (WPvivid Backup/Restore). The vulnerability is a Stored Cross‑Site Scripting (XSS) in the backup path parameter due to insufficient input sanitization and output escaping. Affected versions are up to and including 0...

4.8CVSS5AI score0.00333EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/10/20 7:29 a.m.38 views

CVE-2023-5121 Migration, Backup, Staging – WPvivid <= 0.9.89 - Authenticated (Administrator+) Stored Cross-Site Scripting

The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings the backup path parameter in versions up to, and including, 0.9.89 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

4.4CVSS5.5AI score0.00333EPSS
Exploits0References2
NVD
NVD
added 2023/10/20 7:15 a.m.26 views

CVE-2023-5576

The Migration, Backup, Staging - WPvivid plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 0.9.91 via Google Drive API secrets stored in plaintext in the publicly visible plugin source. This could allow unauthenticated attackers to impersonate...

9.3CVSS8.1AI score0.00755EPSS
Exploits0References3
Prion
Prion
added 2023/10/20 7:15 a.m.15 views

Design/Logic Flaw

The Migration, Backup, Staging - WPvivid plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 0.9.91 via Google Drive API secrets stored in plaintext in the publicly visible plugin source. This could allow unauthenticated attackers to impersonate...

5.8CVSS9AI score0.00755EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2023/10/20 6:35 a.m.13 views

CVE-2023-4274

The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to Directory Traversal in versions up to, and including, 0.9.89. This allows authenticated attackers with administrative privileges to delete the contents of arbitrary directories on the server, which can be a critical...

8.7CVSS8.4AI score0.01219EPSS
Exploits1References3
CVE
CVE
added 2023/10/20 6:35 a.m.54 views

CVE-2023-4274

CVE-2023-4274 affects the WordPress WPvivid Migration/Backup/Staging plugin. Documents confirm a Directory Traversal flaw in WPvivid BackupRestore

8.7CVSS6.4AI score0.01219EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2023/10/20 6:35 a.m.9 views

CVE-2023-5576 Migration, Backup, Staging – WPvivid <= 0.9.91 - Google Drive Client Secret Exposure

The Migration, Backup, Staging - WPvivid plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 0.9.91 via Google Drive API secrets stored in plaintext in the publicly visible plugin source. This could allow unauthenticated attackers to impersonate...

8CVSS7.2AI score0.00755EPSS
Exploits0References3
Rows per page
Query Builder