Instawp Connect Security Vulnerabilities and Issues — Instawp Connect CVE List

Lucene search

InstawpInstawp Connect

2 matches found

CVE•added 2024/05/02 5:15 p.m.•93 views

CVE-2024-2667

The InstaWP Connect – 1-click WP Staging & Migration plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file validation in the /wp-json/instawp-connect/v1/config REST API endpoint in all versions up to, and including, 0.1.0.22. This makes it possible for unauthenticate...

9.8CVSS9.3AI score0.86531EPSS

CVE•added 2024/05/17 9:15 a.m.•81 views

CVE-2024-22145

Improper Privilege Management vulnerability in InstaWP Team InstaWP Connect allows Privilege Escalation.This issue affects InstaWP Connect: from n/a through 0.1.0.8.

8.8CVSS6.8AI score0.13935EPSS