CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-13555

The 1 Click WordPress Migration Plugin – 100% FREE for a limited time plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1. This is due to missing or incorrect nonce validation on the cancel_actions() function. This makes it possible for unauthenticated attackers to cancel a triggered backup via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 3.7%

CVSS Severity

CVSS v3 Score 5.3

References

Products affected by CVE-2024-13555

1clickmigration » 1 Click Migration » Version: N/A

cpe:2.3:a:1clickmigration:1_click_migration:-
1clickmigration » 1 Click Migration » Version: 1.0

cpe:2.3:a:1clickmigration:1_click_migration:1.0
1clickmigration » 1 Click Migration » Version: 1.1

cpe:2.3:a:1clickmigration:1_click_migration:1.1
1clickmigration » 1 Click Migration » Version: 1.1.4

cpe:2.3:a:1clickmigration:1_click_migration:1.1.4
1clickmigration » 1 Click Migration » Version: 1.1.5

cpe:2.3:a:1clickmigration:1_click_migration:1.1.5
1clickmigration » 1 Click Migration » Version: 1.2

cpe:2.3:a:1clickmigration:1_click_migration:1.2
1clickmigration » 1 Click Migration » Version: 1.3

cpe:2.3:a:1clickmigration:1_click_migration:1.3
1clickmigration » 1 Click Migration » Version: 1.4

cpe:2.3:a:1clickmigration:1_click_migration:1.4
1clickmigration » 1 Click Migration » Version: 1.6

cpe:2.3:a:1clickmigration:1_click_migration:1.6
1clickmigration » 1 Click Migration » Version: 2.0

cpe:2.3:a:1clickmigration:1_click_migration:2.0
1clickmigration » 1 Click Migration » Version: 2.1

cpe:2.3:a:1clickmigration:1_click_migration:2.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-13555

Products

Pricing

Contact Us