The Migrate WordPress Website & Backups – Prime Mover plugin for WordPress has a security flaw that can potentially expose sensitive information. This flaw affects all versions up to 1.9.2 and is caused by a directory listing in the ‘prime-mover-export-files/1/’ folder. With this flaw, unauthenticated attackers can access data such as site and configuration information, directories, files, and password hashes without needing any authorization.