Backupbliss Backup Migration — known CVE vulnerabilities
Every CVE whose affected-product data names Backupbliss Backup Migration, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (9)
CVE-2023-6553 — CVSS 9.8 (critical): The Backup Migration plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.3.7 via the…
CVE-2023-6972 — CVSS 9.8 (critical): The Backup Migration plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.3.9 via the…
CVE-2023-6971 — CVSS 8.1 (high): The Backup Migration plugin for WordPress is vulnerable to Remote File Inclusion in versions 1.0.8 to 1.3.9 via the 'content-dir' HTTP…
CVE-2023-6266 — CVSS 7.5 (high): The Backup Migration plugin for WordPress is vulnerable to unauthorized access of data due to insufficient path and file validation on the…
CVE-2023-6271 — CVSS 7.5 (high): The Backup Migration WordPress plugin before 1.3.6 stores in-progress backups information in easy to find, publicly-accessible files, which…
CVE-2023-7002 — CVSS 7.2 (high): The Backup Migration plugin for WordPress is vulnerable to OS Command Injection in all versions up to, and including, 1.3.9 via the 'url'…
CVE-2023-3977 — CVSS 4.3 (medium): Several plugins for WordPress by Inisev are vulnerable to Cross-Site Request Forgery to unauthorized installation of plugins due to a…
CVE-2023-0958 — CVSS 4.3 (medium): Several plugins for WordPress by Inisev are vulnerable to unauthorized installation of plugins due to a missing capability check on the…