Skip to main content
CVE-2023-6972 CRITICAL PATCH Act Now

The Backup Migration plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.3.9 via the 'content-backups' and 'content-name', 'content-manifest', or. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Path Traversal RCE WordPress PHP Backup Migration
NVD VulDB
CVSS 3.1
9.8
EPSS
3.8%
CVE-2023-6971 CRITICAL PATCH Act Now

The Backup Migration plugin for WordPress is vulnerable to Remote File Inclusion in versions 1.0.8 to 1.3.9 via the 'content-dir' HTTP header. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE WordPress PHP Backup Migration
NVD
CVSS 3.1
9.8
EPSS
6.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy