The All-in-One WP Migration plugin for WordPress has a security issue that affects versions up to, and including, 6.45. If someone can get you to click on a link, they can use it to inject dangerous web scripts into the page. This happens because the plugin does not thoroughly check the data it gets from users, nor does it properly protect the page from the data it receives.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
