Instawp Instawp Connect — known CVE vulnerabilities
Every CVE whose affected-product data names Instawp Instawp Connect, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (10)
CVE-2024-37228 — CVSS 10.0 (critical): Unrestricted Upload of File with Dangerous Type vulnerability in InstaWP InstaWP Connect instawp-connect.This issue affects InstaWP…
CVE-2024-25918 — CVSS 9.9 (critical): Improper Control of Generation of Code ('Code Injection') vulnerability in InstaWP InstaWP Connect instawp-connect.This issue affects…
CVE-2024-6397 — CVSS 9.8 (critical): The InstaWP Connect – 1-click WP Staging & Migration plugin for WordPress is vulnerable to authentication bypass in all versions up to…
CVE-2024-2667 — CVSS 9.8 (critical): The InstaWP Connect – 1-click WP Staging & Migration plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient…
CVE-2024-4898 — CVSS 9.8 (critical): The InstaWP Connect – 1-click WP Staging & Migration plugin for WordPress is vulnerable to arbitrary option updates due to a missing…
CVE-2023-3956 — CVSS 9.8 (critical): The InstaWP Connect plugin for WordPress is vulnerable to unauthorized access of data, modification of data and loss of data due to a…
CVE-2024-22145 — CVSS 8.8 (high): Incorrect Privilege Assignment vulnerability in InstaWP InstaWP Connect instawp-connect.This issue affects InstaWP Connect: from n/a…
CVE-2024-23507 — CVSS 8.5 (high): Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in InstaWP InstaWP Connect…
CVE-2024-23506 — CVSS 7.7 (high): Insertion of Sensitive Information Into Sent Data vulnerability in InstaWP InstaWP Connect instawp-connect.This issue affects InstaWP…
CVE-2024-32701 — CVSS 4.3 (medium): Missing Authorization vulnerability in InstaWP InstaWP Connect instawp-connect.This issue affects InstaWP Connect: from n/a through <=…