Backup And Migration

backup_and_migration

Vendor: Webtoffee • 3 CVEs

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-31254 1Webtoffee 1Backup And Migration Apr 28, 2026 Apr 10, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Insertion of Sensitive Information into Log File vulnerability in WebToffee WordPress Backup & Migration.This issue affects WordPress Backup & Migration: from n/a through 1.4.7.
CVE-2023-5738 1Webtoffee 1Backup And Migration Nov 21, 2024 Nov 27, 2023 N/A· v4 5.4 MEDIUM· v3 N/A· v2 The WordPress Backup & Migration WordPress plugin before 1.4.4 does not sanitise and escape some parameters, which could allow users with a role as low as Subscriber to perform Cross-Site Scripting attacks.
CVE-2023-5737 1Webtoffee 1Backup And Migration Nov 21, 2024 Nov 27, 2023 N/A· v4 4.3 MEDIUM· v3 N/A· v2 The WordPress Backup & Migration WordPress plugin before 1.4.4 does not authorize some AJAX requests, allowing users with a role as low as Subscriber to update some plugin settings.