Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
backupbliss backup migration vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-6266
The Backup Migration plugin for WordPress is vulnerable to unauthorized access of data due to insufficient path and file validation on the BMI_BACKUP case of the handle_downloading function in all versions up to, and including, 1.3.6. This makes it possible for unauthenticated ma...
Backupbliss Backup Migration
NA
CVE-2023-6271
The Backup Migration WordPress plugin prior to 1.3.6 stores in-progress backups information in easy to find, publicly-accessible files, which may allow attackers monitoring those to leak sensitive information from the site's backups.
Backupbliss Backup Migration
NA
CVE-2023-6971
The Backup Migration plugin for WordPress is vulnerable to Remote File Inclusion in versions 1.0.8 to 1.3.9 via the 'content-dir' HTTP header. This makes it possible for unauthenticated malicious users to include remote files on the server, resulting in code execution. ...
Backupbliss Backup Migration
NA
CVE-2023-6972
The Backup Migration plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.3.9 via the 'content-backups' and 'content-name', 'content-manifest', or 'content-bmitmp' and 'content-identy' HTTP ...
Backupbliss Backup Migration
NA
CVE-2023-7002
The Backup Migration plugin for WordPress is vulnerable to OS Command Injection in all versions up to, and including, 1.3.9 via the 'url' parameter. This vulnerability allows authenticated attackers, with administrator-level permissions and above, to execute arbitrary c...
Backupbliss Backup Migration
NA
CVE-2023-6553
The Backup Migration plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.3.7 via the /includes/backup-heart.php file. This is due to an attacker being able to control the values passed to an include, and subsequently leverage that t...
Backupbliss Backup Migration
5 Github repositories
NA
CVE-2023-3977
Several plugins for WordPress by Inisev are vulnerable to Cross-Site Request Forgery to unauthorized installation of plugins due to a missing nonce check on the handle_installation function that is called via the inisev_installation AJAX aciton in various versions. This makes it ...
Inisev Redirection
Themecheck Ultimate Posts Widget
Inisev Ssl Mixed Content Fix
Ultimatelysocial Social Media Share Buttons \\& Social Sharing Icons
Inisev Rss Redirect \\& Feedburner Alternative
Mypopups Pop-up
Themecheck Enhanced Text Widget
Copy-delete-posts Duplicate Post
Backupbliss Clone
Backupbliss Backup Migration
NA
CVE-2023-0958
Several plugins for WordPress by Inisev are vulnerable to unauthorized installation of plugins due to a missing capability check on the handle_installation function that is called via the inisev_installation AJAX aciton in various versions. This makes it possible for authenticate...
Inisev Redirection
Themecheck Ultimate Posts Widget
Inisev Ssl Mixed Content Fix
Inisev Rss Redirect \\& Feedburner Alternative
Mypopups Pop-up
Themecheck Enhanced Text Widget
Copy-delete-posts Duplicate Post
Backupbliss Clone
Backupbliss Backup Migration
Socialshare Social Share Icons \\& Social Share Buttons
Ultimatelysocial Social Media Share Buttons \\& Social Sharing Icons
312
VMScore
CVE-2021-36884
Authenticated Persistent Cross-Site Scripting (XSS) vulnerability discovered in WordPress Backup Migration plugin <= 1.1.5 versions.
Backupbliss Backup Migration
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started