All 4 CVE vulnerabilities found in MoveTo, with AI-generated Chinese analysis, references, and POCs.
Vendor: Skymoonlabs
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-25911 | WordPress MoveTo plugin <= 6.2 - Unauthenticated Arbitrary File Deletion vulnerability CWE-862 | 8.6 | High | 2024-04-16 |
| CVE-2024-25912 | WordPress MoveTo plugin <= 6.2 - Unauthenticated Arbitrary WordPress Settings Change vulnerability CWE-862 | 9.8 | Critical | 2024-03-21 |
| CVE-2024-25910 | WordPress MoveTo Plugin <= 6.2 is vulnerable to SQL Injection CWE-89 | 9.8 | Critical | 2024-02-28 |
| CVE-2024-25913 | WordPress MoveTo Plugin <= 6.2 is vulnerable to Arbitrary File Upload CWE-434 | 10.0 | Critical | 2024-02-26 |
All 4 known CVE vulnerabilities affecting MoveTo with full Chinese analysis, references, and POCs where available.