Backup And Migration Security Vulnerabilities and Issues — Backup And Migration CVE List

Lucene search

WebtoffeeBackup And Migration

4 matches found

CVE•added 2023/11/27 5:15 p.m.•62 views

CVE-2023-5737

The WordPress Backup & Migration WordPress plugin before 1.4.4 does not authorize some AJAX requests, allowing users with a role as low as Subscriber to update some plugin settings.

4.3CVSS5AI score0.00067EPSS

CVE•added 2023/11/27 5:15 p.m.•52 views

CVE-2023-5738

The WordPress Backup & Migration WordPress plugin before 1.4.4 does not sanitise and escape some parameters, which could allow users with a role as low as Subscriber to perform Cross-Site Scripting attacks.

5.4CVSS5.5AI score0.00109EPSS

CVE•added 2024/05/02 5:15 p.m.•44 views

CVE-2024-3546

The WordPress Backup & Migration plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the wp_mgdp_populate_popup function in all versions up to, and including, 1.4.8. This makes it possible for authenticated attackers, with subscriber access or abov...

4.3CVSS6.4AI score0.00385EPSS

CVE•added 2024/04/10 4:15 p.m.•42 views

CVE-2024-31254

Insertion of Sensitive Information into Log File vulnerability in WebToffee WordPress Backup & Migration.This issue affects WordPress Backup & Migration: from n/a through 1.4.7.

7.5CVSS9.3AI score0.0071EPSS