cleantalk
Vulnerabilities and Security Researches

All-in-One WP Migration, CVE-2024-8852

CVE, Research URL

CVE-2024-8852

Home page URL

Security reports for All-in-One WP Migration

Application

All-in-One WP Migration

Published on
Oct 22, 2024
Research Description
The All-in-One WP Migration and Backup plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7.86 through publicly exposed log files. This makes it possible for unauthenticated attackers to view potentially sensitive information such as full paths contained in the exposed log files.
Affected versions
Min -, max 7.87.
Status
vulnerable
Previous vulnerability researches
All-in-One WP Migration (CVE-2021-24216) , Jun 07, 2024
All-in-One WP Migration (CVE-2022-1476) , Jun 07, 2024
All-in-One WP Migration (CVE-2022-2546) , Jun 07, 2024
All-in-One WP Migration (CVE-2024-9162) , Oct 28, 2024
All-in-One WP Migration (CVE-2024-10942) , Mar 13, 2025
New vulnerability
Abandoned Contact Form 7 (CVE-2025-52817) , Jun 29, 2025
Simple Payment (CVE-2025-6688) , Jun 29, 2025
SiteGuard WP Plugin , Jun 28, 2025
DirectIQ Email Marketing (CVE-2025-52829) , Jun 28, 2025
e.nigma buttons (CVE-2025-5535) , Jun 28, 2025