Backup Migration Security Vulnerabilities and Issues — Backup Migration CVE List

Lucene search

BackupblissBackup Migration

3 matches found

CVE•added 2023/12/15 11:15 a.m.•101 views

CVE-2023-6553

The Backup Migration plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.3.7 via the /includes/backup-heart.php file. This is due to an attacker being able to control the values passed to an include, and subsequently leverage that to achieve remote co...

9.8CVSS9.8AI score0.93076EPSS

CVE•added 2023/12/23 2:15 a.m.•55 views

CVE-2023-6972

The Backup Migration plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.3.9 via the 'content-backups' and 'content-name', 'content-manifest', or 'content-bmitmp' and 'content-identy' HTTP headers. This makes it possible for unauthenticated attackers to dele...

9.8CVSS9.7AI score0.03774EPSS

CVE•added 2023/12/23 2:15 a.m.•43 views

CVE-2023-6971

The Backup Migration plugin for WordPress is vulnerable to Remote File Inclusion in versions 1.0.8 to 1.3.9 via the 'content-dir' HTTP header. This makes it possible for unauthenticated attackers to include remote files on the server, resulting in code execution. NOTE: Successful exploitation of th...

9.8CVSS9.7AI score0.08485EPSS