WordPress Plugin Vulnerabilities

All-in-One WP Migration < 7.0 - Admin+ Stored XSS

Description

An attacker would already have to be able to either compromise the database or gain access to a user account with high enough privileges to view the backup history, so some damage has already been done, but such an attacker could then also insert some XSS in order to compromise other admin users.

When double-clicking the backup description on the backup history overview page, in order to edit the description text, the text is not sanitized/escaped via html entities when generating the input field.

This has been reported to the plugin author on 2 July 2019 and confirmed to be fixed in version 7.0 on 17 July 2019.

Proof of Concept

Affects Plugins

Plugin icon
all-in-one-wp-migration
Fixed in 7.0

References

URL
https://plugins.trac.wordpress.org/changeset/2124441
URL
https://wptavern.com/all-in-one-wp-migration-7-0-patches-xss-vulnerability

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79
CVSS
3.5 (low)

Miscellaneous

Original Researcher
Connum
Submitter
Connum
Verified
No
WPVDB ID
5f7257e2-d4da-4fb9-a5da-31332c4ec848

Timeline

Publicly Published
2019-07-17 (about 6 years ago)
Added
2019-07-17 (about 6 years ago)
Last Updated
2026-04-14 (about 29 days ago)

Other

Published
Title
Published
2024-10-31
Title
Marquee Elementor with Posts <= 1.2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
Published
2023-10-16
Title
WP Simple Table Manager Plugin < 1.6.1 - Admin+ Stored Cross-Site Scripting
Published
2024-11-01
Title
Sastra Essential Addons for Elementor < 1.0.6 - Authenticated (Contributor+) Stored Cross-Site Scripting
Published
2020-01-16
Title
Reality < 2.5.3 - Unauthenticated Reflected XSS
Published
2026-02-13
Title
Percent to Infograph <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes