Show filters
2 Total Results
Displaying 1-2 of 2
Sort by:
Attacker Value
High

CVE-2023-6553

Disclosure Date: December 15, 2023 (last updated December 22, 2023)
The Backup Migration plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.3.7 via the /includes/backup-heart.php file. This is due to an attacker being able to control the values passed to an include, and subsequently leverage that to achieve remote code execution. This makes it possible for unauthenticated attackers to easily execute code on the server.
Attacker Value
High

CVE-2024-31819

Disclosure Date: April 10, 2024 (last updated April 11, 2024)
An issue in WWBN AVideo v.12.4 through v.14.2 allows a remote attacker to execute arbitrary code via the systemRootPath parameter of the submitIndex.php component.
1