VYPR

WPvivid Backup & Migration Plugin

by WordPress

CVEs (2)

  • CVE-2024-10962HigNov 14, 2024
    risk 0.50cvss 8.8epss 0.01

    The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 0.9.107 via deserialization of untrusted input in the 'replace_row_data' and 'replace_serialize_data' functions. This makes it possible for…

  • CVE-2024-3054HigApr 12, 2024
    risk 0.50cvss 7.2epss 0.42

    WPvivid Backup & Migration Plugin for WordPress is vulnerable to PHAR Deserialization in all versions up to, and including, 0.9.99 via deserialization of untrusted input at the wpvividstg_get_custom_exclude_path_free action. This is due to the plugin not providing sufficient…