All-in-One WP Migration <= 2.0.4 - Unauthenticated Database Export
| Description |
Unauthenticated users can export a complete copy of the WordPress database, all plugins, themes, and uploaded files. |
Affects Plugin
|
|
References
| Metasploit | auxiliary/gather/wp_all_in_one_migration_export |
| URL | http://www.pritect.net/blog/all-in-one-wp-migration-2-0-4-security-vulnerability |
Classification
| Type | AUTHBYPASS |
| OWASP Top 10 | A2: Broken Authentication and Session Management |
| CWE | CWE-287 |
Miscellaneous
| Submitter | James Golovich |
| Submitter Website | http://www.pritect.net |
| Submitter Twitter | Pritect |
| Views | 5183 |
| Verified | Yes |
| WPVDB ID | 7857 |
Timeline
| Publicly Published | 2015-03-19 (over 5 years ago) |
| Added | 2015-03-19 (over 5 years ago) |
| Last Updated | 2019-10-22 (9 months ago) |
Our Other Services
| Online WordPress Vulnerability Scanner | WPScan WordPress Security Plugin |
