Insertion of Sensitive Information into Log File Vulnerability Affects WordPress Backup & Migration
CVE-2024-31254

3.7LOW

Key Information:

Vendor: Wordpress
Status: WordPress Backup & Migration
Vendor: CVE Published:; 10 April 2024

Summary

Insertion of Sensitive Information into Log File vulnerability in WebToffee WordPress Backup & Migration.This issue affects WordPress Backup & Migration: from n/a through 1.4.7.

Affected Version(s)

WordPress Backup & Migration <= 1.4.7

References

https://patchstack.com/database/vulnerability/wp-migratio...

vdb-entry

CVSS V3.1

Score:

3.7

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 10, 2024
Vulnerability Reserved
Mar 29, 2024

Credit

Joshua Chan (Patchstack Alliance)