Wpvividplugins Wpvivid — Backup, Migration & Staging
15 CVEs affecting Wpvividplugins Wpvivid — Backup, Migration & Staging. Latest disclosed: 2026-06-06. Critical: 1, High: 7.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-1357 | Critical | 9.8 | 2026-02-11 | The Migration, Backup, Staging – WPvivid Backup & Migration plugin for WordPress is vulnerable to Unauthenticated Arbitrary File Upload in versions up to and i… |
CVE-2024-10962 | High | 8.8 | 2024-11-14 | The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 0.9.107 via deseriali… |
CVE-2020-36842 | High | 8.8 | 2024-10-16 | The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to arbitrary file uploads due to a missing capability check on the wpvivid_upload_i… |
CVE-2023-5576 | High | 8.0 | 2023-10-20 | The Migration, Backup, Staging - WPvivid plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 0.9.91 via Goog… |
CVE-2025-5961 | High | 7.2 | 2025-07-03 | The Migration, Backup, Staging – WPvivid Backup & Migration plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in… |
CVE-2024-13869 | High | 7.2 | 2025-02-22 | The Migration, Backup, Staging – WPvivid Backup & Migration plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in… |
CVE-2024-3054 | High | 7.2 | 2024-04-12 | WPvivid Backup & Migration Plugin for WordPress is vulnerable to PHAR Deserialization in all versions up to, and including, 0.9.99 via deserialization of untru… |
CVE-2022-2442 | High | 7.2 | 2022-09-06 | The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to deserialization of untrusted input via the 'path' parameter in versions up to… |
CVE-2024-1982 | Medium | 6.5 | 2024-02-29 | The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the get_restore_progres… |
CVE-2020-36835 | Medium | 4.9 | 2024-10-16 | The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to sensitive information disclosure of a WordPress site's database due to missing c… |
CVE-2023-5121 | Medium | 4.4 | 2023-10-20 | The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings (the backup path parameter) in ve… |
CVE-2023-5120 | Medium | 4.4 | 2023-10-20 | The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the image file path parameter in versions up to… |
CVE-2023-4637 | Medium | 4.3 | 2024-02-05 | The WPvivid plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the restore() and get_restore_progress() fun… |
CVE-2025-12656 | Low | 3.8 | 2026-06-06 | The Migration, Backup, Staging – WPvivid Backup & Migration plugin for WordPress is vulnerable to arbitrary directory deletion due to insufficient file path va… |
CVE-2025-12654 | Low | 2.7 | 2025-12-21 | The Migration, Backup, Staging – WPvivid Backup & Migration plugin for WordPress is vulnerable to arbitrary directory creation in all versions up to, and inclu… |