Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wp-staging wp staging vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-6113
The WP STAGING WordPress Backup Plugin prior to 3.1.3 and WP STAGING Pro WordPress Backup Plugin prior to 5.1.3 do not prevent visitors from leaking key information about ongoing backups processes, allowing unauthenticated malicious users to download said backups later.
Wp-staging Wp Staging
NA
CVE-2022-2737
The WP STAGING WordPress plugin prior to 2.9.18 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite ...
Wp-staging Wp Staging
NA
CVE-2023-7204
The WP STAGING WordPress Backup plugin prior to 3.2.0 allows access to cache files during the cloning process which provides
Wp-staging Wp Staging
NA
CVE-2024-23506
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in InstaWP Team InstaWP Connect – 1-click WP Staging & Migration.This issue affects InstaWP Connect – 1-click WP Staging & Migration: from n/a up to and including 0.1.0.9.
Instawp Instawp Connect
NA
CVE-2024-23507
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in InstaWP Team InstaWP Connect – 1-click WP Staging & Migration.This issue affects InstaWP Connect – 1-click WP Staging & Migration: from n/a up to an...
Instawp Instawp Connect
NA
CVE-2024-2309
The WP STAGING WordPress Backup Plugin WordPress plugin prior to 3.4.0, wp-staging-pro WordPress plugin prior to 5.4.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when ...
NA
CVE-2024-3682
The WP STAGING and WP STAGING Pro plugins for WordPress are vulnerable to Sensitive Information Exposure in versions up to, and including, 3.4.3, and versions up to, and including, 5.4.3, respectively, via the ajaxSendReport function. This makes it possible for unauthenticated ma...
NA
CVE-2024-2667
The InstaWP Connect – 1-click WP Staging & Migration plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file validation in the /wp-json/instawp-connect/v1/config REST API endpoint in all versions up to, and including, 0.1.0.22. This makes i...
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started