Wpvivid: Security Vulnerabilities
Arbitrary File Read vulnerability in WPvivid Team Migration, Backup, Staging – WPvivid (WordPress plugin) versions <= 0.9.70
CVSS Score
2.7
EPSS Score
0.009
Published
2022-04-11
The Migration, Backup, Staging WordPress plugin before 0.9.70 does not sanitise and escape the sub_page parameter before outputting it back in the page, leading to a reflected Cross-Site Scripting
CVSS Score
6.1
EPSS Score
0.003
Published
2022-04-11
The Migration, Backup, Staging WordPress plugin before 0.9.69 does not have authorisation when adding remote storages, and does not sanitise as well as escape a parameter from such unauthenticated requests before outputting it in admin page, leading to a Stored Cross-Site Scripting issue
CVSS Score
6.1
EPSS Score
0.035
Published
2022-02-28
Page 3