CVE-2024-10962

Published: Nov 14, 2024Modified: Feb 27, 2025

8.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: security@wordfence.com (Secondary)

Description

The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 0.9.107 via deserialization of untrusted input in the 'replace_row_data' and 'replace_serialize_data' functions. This makes it possible for unauthenticated attackers to inject a PHP Object. No known POP chain is present in the vulnerable software. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code. An administrator must create a staging site to trigger the exploit.

Affected (1)

Products: Wpvivid: Migration, Backup, Staging

1 product

Migration, Backup, Staging

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Wpvivid Migration, Backup, Staging	Before 0.9.108

Related CWEs

Deserialization of Untrusted Data

The product deserializes untrusted data without sufficiently verifying that the resulting data will be valid.

References (4)

https://plugins.trac.wordpress.org/browser/wpvivid-backuprestore/trunk/includes/staging/class-wpvivid-staging-copy-db-ex.php#L1104

Source: security@wordfence.com

Product

https://plugins.trac.wordpress.org/browser/wpvivid-backuprestore/trunk/includes/staging/class-wpvivid-staging-copy-db-ex.php#L1120

Source: security@wordfence.com

Product

https://plugins.trac.wordpress.org/changeset/3186082/

Source: security@wordfence.com

Patch

https://www.wordfence.com/threat-intel/vulnerabilities/id/9b4eba78-29f2-4357-ab3c-7bc3c20e0e75?source=cve

Source: security@wordfence.com

Third Party Advisory

Timeline

No history available yet.