CVE-2024-56273
CVSS 3.1 Score 4.3 of 10 (medium)
Details
Summary
CVE-2024-56273 is a Missing Authorization vulnerability affecting WPvivid Backup and Migration. The plugin, used for managing WordPress website backups, allows unauthorized access to functionality due to insufficient Access Control Lists (ACLs). This vulnerability can be exploited by attackers to gain unauthorized privileges, potentially leading to data loss, unintended changes, or even full website takeover. The issue affects versions of WPvivid Backup and Migration from n/a through 0.9.106. Users are advised to update to the latest version to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Vendors
- WordPress