Описание
The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the get_restore_progress() and restore() functions in all versions up to, and including, 0.9.68. This makes it possible for unauthenticated attackers to exploit a SQL injection vulnerability or trigger a DoS.
Ссылки
- Patch
- ExploitThird Party Advisory
- Third Party Advisory
- Patch
- ExploitThird Party Advisory
- Third Party Advisory
Уязвимые конфигурации
EPSS
6.5 Medium
CVSS3
9.1 Critical
CVSS3
Дефекты
Связанные уязвимости
The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the get_restore_progress() and restore() functions in all versions up to, and including, 0.9.68. This makes it possible for unauthenticated attackers to exploit a SQL injection vulnerability or trigger a DoS.
EPSS
6.5 Medium
CVSS3
9.1 Critical
CVSS3