CVE-2024-8852
- EPSS 10.27%
- Veröffentlicht 22.10.2024 06:15:04
- Zuletzt bearbeitet 25.10.2024 21:20:11
The All-in-One WP Migration and Backup plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7.86 through publicly exposed log files. This makes it possible for unauthenticated attackers to view po...
CVE-2023-40004
- EPSS 6.09%
- Veröffentlicht 19.06.2024 12:15:09
- Zuletzt bearbeitet 21.11.2024 08:18:30
Missing Authorization vulnerability in ServMask All-in-One WP Migration Box Extension, ServMask All-in-One WP Migration OneDrive Extension, ServMask All-in-One WP Migration Dropbox Extension, ServMask All-in-One WP Migration Google Drive Extension.Th...
CVE-2022-2546
- EPSS 16.21%
- Veröffentlicht 02.02.2023 09:15:08
- Zuletzt bearbeitet 26.03.2025 15:15:38
The All-in-One WP Migration WordPress plugin before 7.63 uses the wrong content type, and does not properly escape the response from the ai1wm_export AJAX action, allowing an attacker to craft a request that when submitted by any visitor will inject ...
CVE-2022-1476
- EPSS 35.32%
- Veröffentlicht 10.05.2022 20:15:08
- Zuletzt bearbeitet 21.11.2024 06:40:47
The All-in-One WP Migration plugin for WordPress is vulnerable to arbitrary file deletion via directory traversal due to insufficient file validation via the ~/lib/model/class-ai1wm-backups.php file, in versions up to, and including, 7.58. This can b...