CVE-2024-56273

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Jan 7, 2025
CWE ID 862

Summary

CVE-2024-56273 is a Missing Authorization vulnerability affecting WPvivid Backup and Migration. The plugin, used for managing WordPress website backups, allows unauthorized access to functionality due to insufficient Access Control Lists (ACLs). This vulnerability can be exploited by attackers to gain unauthorized privileges, potentially leading to data loss, unintended changes, or even full website takeover. The issue affects versions of WPvivid Backup and Migration from n/a through 0.9.106. Users are advised to update to the latest version to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share