Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

WPvivid — Backup, Migration & Staging — Vulnerabilities & Security Advisories 14

All 14 CVE vulnerabilities found in WPvivid — Backup, Migration & Staging, with AI-generated Chinese analysis, references, and POCs.

Vendor: wpvividplugins

CVE IDTitleCVSSSeverityPublished
CVE-2026-1357 Migration, Backup, Staging <= 0.9.123 - Unauthenticated Arbitrary File Upload CWE-434 9.8 Critical2026-02-11
CVE-2025-12654 Migration, Backup, Staging – WPvivid Backup & Migration <= 0.9.120 - Authenticated (Admin+) Arbitrary Directory Creation CWE-73 2.7 Low2025-12-21
CVE-2025-5961 Migration, Backup, Staging – WPvivid Backup & Migration <= 0.9.116 - Authenticated (Administrator+) Arbitrary File Upload CWE-434 7.2 High2025-07-03
CVE-2024-13869 Migration, Backup, Staging – WPvivid <= 0.9.112 - Authenticated (Admin+) Arbitrary File Upload via wpvivid_upload_file CWE-434 7.2 High2025-02-22
CVE-2024-10962 Migration, Backup, Staging – WPvivid <= 0.9.107 - Unauthenticated PHP Object Injection CWE-502 8.8 High2024-11-14
CVE-2020-36842 Migration, Backup, Staging – WPvivid <= 0.9.35 - Authenticated (Subscriber+) Arbitrary File Upload CWE-434 8.8 High2024-10-16
CVE-2020-36835 Migration, Backup, Staging – WPvivid <= 0.9.35 - Sensitive Information Disclosure CWE-200 4.9 Medium2024-10-16
CVE-2024-3054 WPvivid Backup & Migration Plugin <= 0.9.99 - Authenticated (Admin+) PHAR Deserialization CWE-502 7.2 High2024-04-12
CVE-2024-1982 WPvivid Backup and Migration <= 0.9.68 - Missing Authorization CWE-862 6.5 Medium2024-02-29
CVE-2023-4637 WPvivid <= 0.9.94 - Missing Authorization CWE-862 4.3 Medium2024-02-05
CVE-2023-5121 Migration, Backup, Staging – WPvivid <= 0.9.89 - Authenticated (Administrator+) Stored Cross-Site Scripting CWE-79 4.4 Medium2023-10-20
CVE-2023-5576 Migration, Backup, Staging – WPvivid <= 0.9.91 - Google Drive Client Secret Exposure CWE-200 8.0 High2023-10-20
CVE-2023-5120 Migration, Backup, Staging – WPvivid <= 0.9.89 - Authenticated Stored Cross-Site Scripting CWE-79 4.4 Medium2023-10-20
CVE-2022-2442 Migration, Backup, Staging – WPvivid <= 0.9.74 - Authenticated (Admin+) PHAR Deserialization CWE-502 7.2 High2022-09-06

All 14 known CVE vulnerabilities affecting WPvivid — Backup, Migration & Staging with full Chinese analysis, references, and POCs where available.