Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

wpvividplugins — Vulnerabilities & Security Advisories 19

Browse all 19 CVE security advisories affecting wpvividplugins. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Wpvividplugins develops WordPress backup and migration plugins with 19 recorded CVEs, primarily focusing on site transfer and data protection. Historically, vulnerabilities have included remote code execution, cross-site scripting, and privilege escalation, often stemming from insufficient input validation and improper access controls. The plugin's extensive file handling capabilities have frequently introduced RCE risks, while its administrative interfaces have been prone to XSS flaws. No major public security incidents have been documented, though the consistent pattern of vulnerabilities across multiple CVEs indicates ongoing security challenges in handling user inputs and managing file operations within WordPress environments.

Top products by wpvividplugins: WPvivid — Backup, Migration & Staging Migration, Backup, Staging – WPvivid WPvivid Backup for MainWP WPvivid Backup and Migration
CVE IDTitleCVSSSeverityPublished
CVE-2026-1357 Migration, Backup, Staging <= 0.9.123 - Unauthenticated Arbitrary File Upload — WPvivid — Backup, Migration & StagingCWE-434 9.8 Critical2026-02-11
CVE-2025-12654 Migration, Backup, Staging – WPvivid Backup & Migration <= 0.9.120 - Authenticated (Admin+) Arbitrary Directory Creation — WPvivid — Backup, Migration & StagingCWE-73 2.7 Low2025-12-21
CVE-2025-5961 Migration, Backup, Staging – WPvivid Backup & Migration <= 0.9.116 - Authenticated (Administrator+) Arbitrary File Upload — WPvivid — Backup, Migration & StagingCWE-434 7.2 High2025-07-03
CVE-2024-13869 Migration, Backup, Staging – WPvivid <= 0.9.112 - Authenticated (Admin+) Arbitrary File Upload via wpvivid_upload_file — WPvivid — Backup, Migration & StagingCWE-434 7.2 High2025-02-22
CVE-2024-56273 WordPress WPvivid Backup plugin <= 0.9.106 - Broken Access Control vulnerability — WPvivid Backup and MigrationCWE-862 4.3 Medium2025-01-07
CVE-2024-10962 Migration, Backup, Staging – WPvivid <= 0.9.107 - Unauthenticated PHP Object Injection — WPvivid — Backup, Migration & StagingCWE-502 8.8 High2024-11-14
CVE-2020-36842 Migration, Backup, Staging – WPvivid <= 0.9.35 - Authenticated (Subscriber+) Arbitrary File Upload — WPvivid — Backup, Migration & StagingCWE-434 8.8 High2024-10-16
CVE-2020-36835 Migration, Backup, Staging – WPvivid <= 0.9.35 - Sensitive Information Disclosure — WPvivid — Backup, Migration & StagingCWE-200 4.9 Medium2024-10-16
CVE-2024-35664 WordPress WPvivid Backup for MainWP plugin <= 0.9.32 - Reflected Cross Site Scripting (XSS) vulnerability — WPvivid Backup for MainWPCWE-79 7.1 High2024-06-04
CVE-2024-3054 WPvivid Backup & Migration Plugin <= 0.9.99 - Authenticated (Admin+) PHAR Deserialization — WPvivid — Backup, Migration & StagingCWE-502 7.2 High2024-04-12
CVE-2024-1383 WPvivid Backup for MainWP <= 0.9.32 - Reflected Cross-Site Scripting — WPvivid Backup for MainWPCWE-79 6.1 Medium2024-03-13
CVE-2024-1981 WordPress Plugin Migration, Backup, Staging 安全漏洞 — Migration, Backup, Staging – WPvivid 9.8 Critical2024-02-29
CVE-2024-1982 WPvivid Backup and Migration <= 0.9.68 - Missing Authorization — WPvivid — Backup, Migration & StagingCWE-862 6.5 Medium2024-02-29
CVE-2023-4637 WPvivid <= 0.9.94 - Missing Authorization — WPvivid — Backup, Migration & StagingCWE-862 4.3 Medium2024-02-05
CVE-2023-5121 Migration, Backup, Staging – WPvivid <= 0.9.89 - Authenticated (Administrator+) Stored Cross-Site Scripting — WPvivid — Backup, Migration & StagingCWE-79 4.4 Medium2023-10-20
CVE-2023-4274 WordPress Plugin Migration, Backup, Staging – WPvivid 路径遍历漏洞 — Migration, Backup, Staging – WPvivid 8.7 High2023-10-20
CVE-2023-5576 Migration, Backup, Staging – WPvivid <= 0.9.91 - Google Drive Client Secret Exposure — WPvivid — Backup, Migration & StagingCWE-200 8.0 High2023-10-20
CVE-2023-5120 Migration, Backup, Staging – WPvivid <= 0.9.89 - Authenticated Stored Cross-Site Scripting — WPvivid — Backup, Migration & StagingCWE-79 4.4 Medium2023-10-20
CVE-2022-2442 Migration, Backup, Staging – WPvivid <= 0.9.74 - Authenticated (Admin+) PHAR Deserialization — WPvivid — Backup, Migration & StagingCWE-502 7.2 High2022-09-06

This page lists every published CVE security advisory associated with wpvividplugins. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.