Unrated severityNVD Advisory· Published Jun 27, 2022· Updated Aug 2, 2024
XCloner < 4.3.6 - Plugin Settings Reset
CVE-2022-0444
Description
The Backup, Restore and Migrate WordPress Sites With the XCloner Plugin WordPress plugin before 4.3.6 does not have authorisation and CSRF checks when resetting its settings, allowing unauthenticated attackers to reset them, including generating a new backup encryption key.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/Backup, Restore and Migrate WordPress Sites With the XCloner Plugindescription
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/9567d295-43c7-4e59-9283-c7726f16d40bmitreexploitvdb-entrytechnical-description
News mentions
0No linked articles in our index yet.