Security Advisory

CVE-2022-0444

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-06-27 08:55:47

Last updated 2024-08-02 23:25:40

Assigner WPScan

State PUBLISHED

Description

The Backup, Restore and Migrate WordPress Sites With the XCloner Plugin WordPress plugin before 4.3.6 does not have authorisation and CSRF checks when resetting its settings, allowing unauthenticated attackers to reset them, including generating a new backup encryption key.

← Browse all CVEs View on cve.org ↗