WPvivid Backup & Migration
by Wpvivid
CVEs (7)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-1357 | Cri | 0.58 | 9.8 | 0.17 | Feb 11, 2026 | The Migration, Backup, Staging – WPvivid Backup & Migration plugin for WordPress is vulnerable to Unauthenticated Arbitrary File Upload in versions up to and including 0.9.123. This is due to improper error handling in the RSA decryption process combined with a lack of path… | ||
| CVE-2024-3054 | Hig | 0.48 | 7.2 | 0.20 | Apr 12, 2024 | WPvivid Backup & Migration Plugin for WordPress is vulnerable to PHAR Deserialization in all versions up to, and including, 0.9.99 via deserialization of untrusted input at the wpvividstg_get_custom_exclude_path_free action. This is due to the plugin not providing sufficient… | ||
| CVE-2024-56273 | Med | 0.28 | 4.3 | 0.00 | Jan 7, 2025 | Missing Authorization vulnerability in wpvividplugins WPvivid Backup and Migration wpvivid-backuprestore allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WPvivid Backup and Migration: from n/a through <= 0.9.106. | ||
| CVE-2025-12654 | Low | 0.18 | 2.7 | 0.00 | Dec 21, 2025 | The Migration, Backup, Staging – WPvivid Backup & Migration plugin for WordPress is vulnerable to arbitrary directory creation in all versions up to, and including, 0.9.120. This is due to the check_filesystem_permissions() function not properly restricting the directories… | ||
| CVE-2025-5961 | 0.00 | — | 0.02 | Jul 3, 2025 | The Migration, Backup, Staging – WPvivid Backup & Migration plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'wpvivid_upload_import_files' function in all versions up to, and including, 0.9.116. This makes it possible for… | |||
| CVE-2024-13869 | 0.00 | — | 0.22 | Feb 22, 2025 | The Migration, Backup, Staging – WPvivid Backup & Migration plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'upload_files' function in all versions up to, and including, 0.9.112. This makes it possible for authenticated… | |||
| CVE-2023-41243 | 0.00 | — | 0.00 | May 17, 2024 | Improper Privilege Management vulnerability in WPvivid Team WPvivid Backup and Migration allows Privilege Escalation.This issue affects WPvivid Backup and Migration: from n/a through 0.9.90. |
- risk 0.58cvss 9.8epss 0.17
The Migration, Backup, Staging – WPvivid Backup & Migration plugin for WordPress is vulnerable to Unauthenticated Arbitrary File Upload in versions up to and including 0.9.123. This is due to improper error handling in the RSA decryption process combined with a lack of path…
- risk 0.48cvss 7.2epss 0.20
WPvivid Backup & Migration Plugin for WordPress is vulnerable to PHAR Deserialization in all versions up to, and including, 0.9.99 via deserialization of untrusted input at the wpvividstg_get_custom_exclude_path_free action. This is due to the plugin not providing sufficient…
- risk 0.28cvss 4.3epss 0.00
Missing Authorization vulnerability in wpvividplugins WPvivid Backup and Migration wpvivid-backuprestore allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WPvivid Backup and Migration: from n/a through <= 0.9.106.
- risk 0.18cvss 2.7epss 0.00
The Migration, Backup, Staging – WPvivid Backup & Migration plugin for WordPress is vulnerable to arbitrary directory creation in all versions up to, and including, 0.9.120. This is due to the check_filesystem_permissions() function not properly restricting the directories…
- CVE-2025-5961Jul 3, 2025risk 0.00cvss —epss 0.02
The Migration, Backup, Staging – WPvivid Backup & Migration plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'wpvivid_upload_import_files' function in all versions up to, and including, 0.9.116. This makes it possible for…
- CVE-2024-13869Feb 22, 2025risk 0.00cvss —epss 0.22
The Migration, Backup, Staging – WPvivid Backup & Migration plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'upload_files' function in all versions up to, and including, 0.9.112. This makes it possible for authenticated…
- CVE-2023-41243May 17, 2024risk 0.00cvss —epss 0.00
Improper Privilege Management vulnerability in WPvivid Team WPvivid Backup and Migration allows Privilege Escalation.This issue affects WPvivid Backup and Migration: from n/a through 0.9.90.