Log out
Get PRO

Latest

Input validation vulnerability in Backup Migration 1.4.6

  • Severity: high-risk
  • Status: Fixed
  • Publication: January 3, 2025

The Backup Migration plugin for WordPress has a security issue that allows attackers to inject a harmful code into the website. This can be done by taking advantage of a function called ‘recursive_unserialize_replace’ which does not properly check for malicious input. This vulnerability exists in all versions of the plugin up to version 1.4.6. Attackers can use this exploit to delete important files, access sensitive information, or even run their own code on the website. To trigger this issue, an administrator must first create a staging site.

Detected in:

Backup Migration fixed vulnerable versions: >= * <= 1.4.6

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.

Join our mailing list - 6 Tips & Tricks in your inbox over the next days!

Plugins

© Really Simple Plugins
CoC 70461155
Kalmarweg 14-5
9723 JG, Groningen (NL)

Wordpress Linkedin Github

Get Started

About

Popular articles