Migration, Backup, Staging – WPvivid, CVE-2024-1982

CVE, Research URL: CVE-2024-1982
Home page URL: Security reports for Migration, Backup, Staging – WPvivid
Application: Migration, Backup, Staging – WPvivid
Published on: Feb 29, 2024
Research Description: The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the get_restore_progress() and restore() functions in all versions up to, and including, 0.9.68. This makes it possible for unauthenticated attackers to exploit a SQL injection vulnerability or trigger a DoS.
Affected versions: Min -, max 0.9.69.
Status: vulnerable

Migration, Backup, Staging &#8211; WPvivid, CVE-2024-1982