Skip to main content

All In One Wp Migration

2 CVEs product

Monthly

CVE-2024-8852 MEDIUM POC PATCH This Month

The All-in-One WP Migration and Backup plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7.86 through publicly exposed log files. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

WordPress Information Disclosure All In One Wp Migration
NVD
CVSS 3.1
5.3
EPSS
1.2%
CVE-2022-1476 MEDIUM PATCH This Month

The All-in-One WP Migration plugin for WordPress is vulnerable to arbitrary file deletion via directory traversal due to insufficient file validation via the ~/lib/model/class-ai1wm-backups.php file,. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. Epss exploitation probability 35.3%.

PHP WordPress Path Traversal All In One Wp Migration
NVD VulDB
CVSS 3.1
6.6
EPSS
35.3%
EPSS 1% CVSS 5.3
MEDIUM POC PATCH This Month

The All-in-One WP Migration and Backup plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7.86 through publicly exposed log files. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

WordPress Information Disclosure All In One Wp Migration
NVD
EPSS 35% CVSS 6.6
MEDIUM PATCH This Month

The All-in-One WP Migration plugin for WordPress is vulnerable to arbitrary file deletion via directory traversal due to insufficient file validation via the ~/lib/model/class-ai1wm-backups.php file,. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. Epss exploitation probability 35.3%.

PHP WordPress Path Traversal +1
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy