All-in-One WP Migration and Backup

Information

Software Type Plugin
Software Slug all-in-one-wp-migration (view on wordpress.org)
Software Status Active
Software Author yaniiliev
Software Website servmask.com
Software Downloads 137,845,614
Software Active Installs 5,000,000
Software Record Last Updated December 30, 2024

11 Vulnerabilities

Title Status CVE ID CVSS Researchers Date
All-in-One WP Migration and Backup <= 7.86 - Authenticated (Administrator+) Arbitrary PHP Code Injection Patched CVE-2024-9162 7.2 Ryan Kozak October 27, 2024
All-in-One WP Migration and Backup <= 7.86 - Unauthenticated Information Disclosure via Error Logs Patched CVE-2024-8852 5.3 villu164 October 21, 2024
All-in-One WP Migration <= 7.62 - Unauthenticated Reflected Cross-Site Scripting Patched CVE-2022-2546 6.1 August 23, 2022
All-in-One WP Migration <= 7.62 - Authenticated (Admin+) Cross-Site Scripting Patched 5.5 August 15, 2022
All-in-One WP Migration <= 7.58 - Directory Traversal to File Deletion on Windows Hosts Patched CVE-2022-1476 6.6 haidv35 April 28, 2022
All-in-One WP Migration <= 7.40 - Authenticated (Admin+) Arbitrary File Upload Patched CVE-2021-24216 7.2 Yiicheng Liu-Zte Chenfeng Lab February 7, 2022
All-in-One WP Migration <= 7.14 - Unauthenticated Backup Download Patched 5.9 Kamil Vavra January 20, 2020
All-in-One WP Migration <= 6.97 - Authenticated Stored Cross-Site Scripting Patched 5.5 Connum July 18, 2019
All-in-One WP Migration <= 6.45 - Reflected Cross-Site Scripting Patched 6.1 Oways June 20, 2017
All-in-One WP Migration <= 2.0.4 - Missing Authorization to Database Export Patched 7.5 James Golovich March 19, 2015
All-in-One WP Migration <= 2.0.2 - Authorization Bypass to Arbitrary File Upload Patched 8.8 Kacper Szurek November 5, 2014

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation