📦 Migration\, Backup\, Staging

CVE-2024-1981 is a critical SQL injection vulnerability in the WPvivid Backup and Migration WordPress plugin that allows unauthenticated attackers to execute arbitrary SQL queries. This enables attack...

The WPvivid Backup & Migration WordPress plugin allows authenticated administrators to upload arbitrary files due to missing file type validation. This vulnerability can lead to remote code execution ...

The WPvivid WordPress plugin is vulnerable to PHP object injection via insecure deserialization in staging site functions. Unauthenticated attackers can exploit this to execute arbitrary code if a sui...

The Migration, Backup, Staging WordPress plugin before version 0.9.106 uses insufficient randomness when generating backup filenames, allowing attackers to brute-force guess these filenames and potent...

The WPvivid Backup & Migration WordPress plugin is vulnerable to PHAR deserialization, allowing authenticated attackers with admin access to potentially execute arbitrary PHP objects. This could lead ...

The WPvivid WordPress plugin up to version 0.9.89 contains a directory traversal vulnerability that allows authenticated administrators to delete arbitrary directories on the server. This affects Word...