cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-5551,https://securityvulnerability.io/vulnerability/CVE-2024-5551,Cross-Site Request Forgery Vulnerability in WordPress Backup Plugin,"The WP STAGING Pro WordPress Backup Plugin is affected by a Cross-Site Request Forgery vulnerability that allows unauthenticated attackers to exploit missing or incorrectly implemented nonce validation on the 'sub' parameter. This flaw enables attackers to manipulate site administrators into executing malicious requests, which can result in the exposure of local files ending in '-settings.php'. This vulnerability is present in all versions up to and including 5.6.0, posing significant risks for users relying on this backup solution.",Wordpress,WP Staging Pro WordPress Backup Plugin,8.8,HIGH,0.0005499999970197678,false,,false,false,false,,false,false,2024-06-14T05:39:14.293Z,0
CVE-2024-2309,https://securityvulnerability.io/vulnerability/CVE-2024-2309,Unfiltered HTML Setting Vulnerability in WP STAGING WordPress Backup Plugin Could Lead to Stored Cross-Site Scripting Attacks,"The WP STAGING WordPress Backup Plugin  WordPress plugin before 3.4.0, wp-staging-pro WordPress plugin before 5.4.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)",Wordpress,"WP Staging WordPress Backup Plugin,WP-staging-pro",,,0.0004299999854993075,false,,false,false,true,true,false,false,2024-04-17T05:00:03.096Z,0
CVE-2023-6113,https://securityvulnerability.io/vulnerability/CVE-2023-6113,"WP Staging (Free < 3.1.3, Pro < 5.1.3) - Unauthenticated Backup Download","The WP STAGING WordPress Backup Plugin and its Pro version are susceptible to a critical vulnerability that allows unauthorized users to access ongoing backup processes. This exposure can lead to sensitive data being downloaded by unauthenticated attackers, posing significant risks to the information integrity of WordPress sites. Users of affected versions are strongly advised to update to the latest releases to mitigate these risks.",Wordpress,"WP STAGING WordPress Backup Plugin,WP STAGING Pro WordPress Backup Plugin",7.5,HIGH,0.001769999973475933,false,,false,false,true,true,false,false,2024-01-01T15:15:00.000Z,0