cleantalk
Vulnerabilities and Security Researches

1 Click WordPress Migration Plugin – 100% FREE for a limited time, CVE-2024-13609

CVE, Research URL

CVE-2024-13609

Home page URL

Security reports for 1 Click WordPress Migration Plugin – 100% FREE for a limited time

Application

1 Click WordPress Migration Plugin – 100% FREE for a limited time

Published on
Feb 18, 2025
Research Description
The 1 Click WordPress Migration Plugin – 100% FREE for a limited time plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.1 via the class-ocm-backup.php. This makes it possible for unauthenticated attackers to extract sensitive data including usernames and their respective password hashes during a short window of time in which the backup is in process.
Affected versions
Min -, max 2.1.
Status
vulnerable
Previous vulnerability researches
1 Click WordPress Migration Plugin – 100% FREE for a limited time (CVE-2024-13609) , Feb 19, 2025
1 Click WordPress Migration Plugin – 100% FREE for a limited time (CVE-2025-32257) , Apr 06, 2025
New vulnerability
Broken Link Checker by AIOSEO – Easily Fix/Monitor Internal and External links (CVE-2025-1264) , Apr 07, 2025
Advanced All in One Admin Search by WP Spotlight (CVE-2025-32261) , Apr 06, 2025
Free Booking Plugin for Hotels, Restaurant and Car Rental – eaSYNC (CVE-2025-32219) , Apr 06, 2025
Salon booking system (CVE-2025-32220) , Apr 06, 2025
1 Click WordPress Migration Plugin – 100% FREE for a limited time (CVE-2025-32257) , Apr 06, 2025