Vulnerabilities > Wpvivid > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-10-16 | CVE-2020-36842 | Unrestricted Upload of File with Dangerous Type vulnerability in Wpvivid Migration, Backup, Staging The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to arbitrary file uploads due to a missing capability check on the wpvivid_upload_import_files and wpvivid_upload_files AJAX actions that allows low-level authenticated attackers to upload zip files that can be subsequently extracted. | 8.8 |
2022-09-06 | CVE-2022-2442 | Deserialization of Untrusted Data vulnerability in Wpvivid Migration, Backup, Staging The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to deserialization of untrusted input via the 'path' parameter in versions up to, and including 0.9.74. | 7.2 |
2022-04-11 | CVE-2022-27844 | Path Traversal vulnerability in Wpvivid Migration, Backup, Staging Arbitrary File Read vulnerability in WPvivid Team Migration, Backup, Staging – WPvivid (WordPress plugin) versions <= 0.9.70 | 7.5 |