Instawp

Instawp Connect

15 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2026-39504

  • EPSS 0.02%
  • Veröffentlicht 08.04.2026 08:30:13
  • Zuletzt bearbeitet 13.04.2026 19:16:43

Missing Authorization vulnerability in InstaWP InstaWP Connect instawp-connect allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects InstaWP Connect: from n/a through <= 0.1.2.5.

6.5

CVE-2025-66068

  • EPSS 0.04%
  • Veröffentlicht 18.12.2025 07:22:17
  • Zuletzt bearbeitet 15.04.2026 00:35:42

Missing Authorization vulnerability in InstaWP InstaWP Connect instawp-connect allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects InstaWP Connect: from n/a through <= 0.1.1.9.

8.1

CVE-2025-2636

  • EPSS 9.63%
  • Veröffentlicht 11.04.2025 04:21:30
  • Zuletzt bearbeitet 15.04.2026 00:35:42

The InstaWP Connect – 1-click WP Staging & Migration plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 0.1.0.85 via the 'instawp-database-manager' parameter. This makes it possible for unauthenticated at...

7.5

CVE-2025-31387

  • EPSS 0.32%
  • Veröffentlicht 31.03.2025 06:15:30
  • Zuletzt bearbeitet 15.04.2026 00:35:42

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in InstaWP InstaWP Connect instawp-connect allows PHP Local File Inclusion.This issue affects InstaWP Connect: from n/a through <= 0...

8.8

CVE-2024-13913

  • EPSS 0.14%
  • Veröffentlicht 14.03.2025 06:15:24
  • Zuletzt bearbeitet 15.04.2026 00:35:42

The InstaWP Connect – 1-click WP Staging & Migration plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.1.0.83. This is due to missing or incorrect nonce validation in the '/migrate/templates/main...

9.8

CVE-2024-6397

  • EPSS 0.59%
  • Veröffentlicht 11.07.2024 04:15:05
  • Zuletzt bearbeitet 08.04.2026 18:22:21

The InstaWP Connect – 1-click WP Staging & Migration plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 0.1.0.44. This is due to insufficient verification of the API key. This makes it possible for unaut...

9.8

CVE-2024-37228

  • EPSS 1.02%
  • Veröffentlicht 24.06.2024 13:15:10
  • Zuletzt bearbeitet 01.04.2026 16:17:20

Unrestricted Upload of File with Dangerous Type vulnerability in InstaWP InstaWP Connect instawp-connect.This issue affects InstaWP Connect: from n/a through <= 0.1.0.38.

9.8

CVE-2024-4898

  • EPSS 90.11%
  • Veröffentlicht 12.06.2024 11:15:50
  • Zuletzt bearbeitet 08.04.2026 18:21:57

The InstaWP Connect – 1-click WP Staging & Migration plugin for WordPress is vulnerable to arbitrary option updates due to a missing authorization checks on the REST API calls in all versions up to, and including, 0.1.0.38. This makes it possible for...

8.8

CVE-2024-32701

  • EPSS 0.41%
  • Veröffentlicht 09.06.2024 18:15:10
  • Zuletzt bearbeitet 01.04.2026 16:17:04

Missing Authorization vulnerability in InstaWP InstaWP Connect instawp-connect.This issue affects InstaWP Connect: from n/a through <= 0.1.0.24.

8.8

CVE-2024-22145

  • EPSS 48.86%
  • Veröffentlicht 17.05.2024 09:15:21
  • Zuletzt bearbeitet 01.04.2026 16:16:46

Incorrect Privilege Assignment vulnerability in InstaWP InstaWP Connect instawp-connect.This issue affects InstaWP Connect: from n/a through <= 0.1.0.8.