All-in-One WP Migration and Backup

Wordfence Intelligence   >   Vulnerability Database   >   WordPress Plugins   >   All-in-One WP Migration and Backup

Information

Software Type Plugin
Software Slug all-in-one-wp-migration (view on wordpress.org)
Software Status Active
Software Author yaniiliev
Software Website servmask.com
Software Downloads 123,338,409
Software Active Installs 5,000,000
Software Record Last Updated May 21, 2024

9 Vulnerabilities

All-in-One WP Migration <= 7.62 - Unauthenticated Reflected Cross-Site Scripting
6.1
CVE-2022-2546
Aug 23, 2022
Researchers:
All-in-One WP Migration <= 7.62 - Authenticated (Admin+) Cross-Site Scripting
5.5
CVE ID Unknown
Aug 15, 2022
Researchers:
All-in-One WP Migration <= 7.58 - Directory Traversal to File Deletion on Windows Hosts
6.6
CVE-2022-1476
Apr 28, 2022
Researcher: haidv35
All-in-One WP Migration <= 7.40 - Authenticated (Admin+) Arbitrary File Upload
7.2
CVE-2021-24216
Feb 7, 2022
Researcher: Yiicheng Liu-Zte Chenfeng Lab
All-in-One WP Migration <= 7.14 - Unauthenticated Backup Download
5.9
CVE ID Unknown
Jan 20, 2020
Researcher: Kamil Vavra
All-in-One WP Migration <= 6.97 - Authenticated Stored Cross-Site Scripting
5.5
CVE ID Unknown
Jul 18, 2019
Researcher: Connum
All-in-One WP Migration <= 6.45 - Reflected Cross-Site Scripting
6.1
CVE ID Unknown
Jun 20, 2017
Researcher: Oways
All-in-One WP Migration <= 2.0.4 - Missing Authorization to Database Export
7.5
CVE ID Unknown
Mar 19, 2015
Researcher: James Golovich
All-in-One WP Migration <= 2.0.2 - Authorization Bypass to Arbitrary File Upload
8.8
CVE ID Unknown
Nov 5, 2014
Researcher: Kacper Szurek
Title Status CVE ID CVSS Researchers Date
All-in-One WP Migration <= 7.62 - Unauthenticated Reflected Cross-Site Scripting Patched CVE-2022-2546 6.1 August 23, 2022
All-in-One WP Migration <= 7.62 - Authenticated (Admin+) Cross-Site Scripting Patched 5.5 August 15, 2022
All-in-One WP Migration <= 7.58 - Directory Traversal to File Deletion on Windows Hosts Patched CVE-2022-1476 6.6 haidv35 April 28, 2022
All-in-One WP Migration <= 7.40 - Authenticated (Admin+) Arbitrary File Upload Patched CVE-2021-24216 7.2 Yiicheng Liu-Zte Chenfeng Lab February 7, 2022
All-in-One WP Migration <= 7.14 - Unauthenticated Backup Download Patched 5.9 Kamil Vavra January 20, 2020
All-in-One WP Migration <= 6.97 - Authenticated Stored Cross-Site Scripting Patched 5.5 Connum July 18, 2019
All-in-One WP Migration <= 6.45 - Reflected Cross-Site Scripting Patched 6.1 Oways June 20, 2017
All-in-One WP Migration <= 2.0.4 - Missing Authorization to Database Export Patched 7.5 James Golovich March 19, 2015
All-in-One WP Migration <= 2.0.2 - Authorization Bypass to Arbitrary File Upload Patched 8.8 Kacper Szurek November 5, 2014

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation