VYPR
Unrated severityNVD Advisory· Published Jun 27, 2022· Updated Aug 2, 2024

XCloner < 4.3.6 - Plugin Settings Reset

CVE-2022-0444

Description

The Backup, Restore and Migrate WordPress Sites With the XCloner Plugin WordPress plugin before 4.3.6 does not have authorisation and CSRF checks when resetting its settings, allowing unauthenticated attackers to reset them, including generating a new backup encryption key.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • WordPress/Backup, Restore and Migrate WordPress Sites With the XCloner Plugindescription
  • Xcloner/Xclonerllm-fuzzy
    Range: <4.3.6

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.