2 matches found
CVE-2024-13609
The CVE-2024-13609 issue affects the WordPress plugin “1 Click WordPress Migration Plugin.” All versions up to and including 2.2 are reported vulnerable to Sensitive Information Exposure via the class-ocm-backup.php, enabling unauthenticated attackers to access usernames and password hashes durin...
CVE-2024-13555
CVE-2024-13555 – The 1 Click WordPress Migration Plugin (up to v2.1) is vulnerable to Cross-Site Request Forgery due to missing/incorrect nonce validation in cancel_actions(). This can allow unauthenticated attackers to cancel a backup triggered by a site administrator via a forged request. No pu...