← Back

1 Click Migration

1_click_migration

Vendor: 1clickmigration • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2024-13609
11clickmigration
11 Click Migration
Apr 8, 2026
Feb 18, 2025
N/A· v4
5.9 MEDIUM· v3
N/A· v2
The 1 Click WordPress Migration Plugin – 100% FREE for a limited time plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.2 via the class-ocm-backup.php. This make...Show more
The 1 Click WordPress Migration Plugin – 100% FREE for a limited time plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.2 via the class-ocm-backup.php. This makes it possible for unauthenticated attackers to extract sensitive data including usernames and their respective password hashes during a short window of time in which the backup is in process.Show less
CVE-2024-13555
11clickmigration
11 Click Migration
Apr 8, 2026
Feb 18, 2025
N/A· v4
4.3 MEDIUM· v3
N/A· v2
The 1 Click WordPress Migration Plugin – 100% FREE for a limited time plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.2. This is due to missing or incorrect nonce...Show more
The 1 Click WordPress Migration Plugin – 100% FREE for a limited time plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.2. This is due to missing or incorrect nonce validation on the cancel_actions() function. This makes it possible for unauthenticated attackers to cancel a triggered backup via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.Show less