Wpvivid Migration, Backup, Staging — known CVE vulnerabilities
Every CVE whose affected-product data names Wpvivid Migration, Backup, Staging, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (20)
CVE-2024-1981 — CVSS 9.8 (critical): The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to SQL Injection via the 'table_prefix' parameter in version…
CVE-2024-10962 — CVSS 8.8 (high): The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including…
CVE-2020-36842 — CVSS 8.8 (high): The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to arbitrary file uploads due to a missing capability check…
CVE-2023-41243 — CVSS 8.8 (high): Improper Privilege Management vulnerability in WPvivid Team WPvivid Backup and Migration allows Privilege Escalation.This issue affects…
CVE-2023-4274 — CVSS 8.7 (high): The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to Directory Traversal in versions up to, and including…
CVE-2023-5576 — CVSS 8.0 (high): The Migration, Backup, Staging - WPvivid plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and…
CVE-2024-7315 — CVSS 7.5 (high): The Migration, Backup, Staging WordPress plugin before 0.9.106 does not use sufficient randomness in the filename that is created when…
CVE-2022-2442 — CVSS 7.2 (high): The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to deserialization of untrusted input via the 'path'…
CVE-2025-5961 — CVSS 7.2 (high): The Migration, Backup, Staging – WPvivid Backup & Migration plugin for WordPress is vulnerable to arbitrary file uploads due to missing…
CVE-2024-3054 — CVSS 7.2 (high): WPvivid Backup & Migration Plugin for WordPress is vulnerable to PHAR Deserialization in all versions up to, and including, 0.9.99 via…
CVE-2024-1982 — CVSS 6.5 (medium): The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on…
CVE-2022-0531 — CVSS 6.1 (medium): The Migration, Backup, Staging WordPress plugin before 0.9.70 does not sanitise and escape the sub_page parameter before outputting it back…
CVE-2021-24994 — CVSS 6.1 (medium): The Migration, Backup, Staging WordPress plugin before 0.9.69 does not have authorisation when adding remote storages, and does not…
CVE-2020-36835 — CVSS 4.9 (medium): The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to sensitive information disclosure of a WordPress site's…
CVE-2022-2863 — CVSS 4.9 (medium): The Migration, Backup, Staging WordPress plugin before 0.9.76 does not sanitise and validate a parameter before using it to read the…
CVE-2023-5121 — CVSS 4.4 (medium): The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings (the backup…
CVE-2023-5120 — CVSS 4.4 (medium): The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the image file path…
CVE-2024-56273 — CVSS 4.3 (medium): Missing Authorization vulnerability in wpvividplugins WPvivid Backup and Migration wpvivid-backuprestore allows Accessing Functionality Not…
CVE-2023-4637 — CVSS 4.3 (medium): The WPvivid plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the restore() and…