CVE-2024-49684 – WordPress Backup and Staging by WP Time Capsule plugin <= 1.22.21 - PHP Object Injection vulnerability
https://notcve.org/view.php?id=CVE-2024-49684
Deserialization of Untrusted Data vulnerability in Revmakx Backup and Staging by WP Time Capsule allows Object Injection. This issue affects Backup and Staging by WP Time Capsule: from n/a through 1.22.21. The Backup and Staging by WP Time Capsule plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 1.22.21 via deserialization of untrusted input. This makes it possible for authenticated attackers, with administrator-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable software. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code.
References: https://patchstack.com/database/vulnerability/wp-time-capsule/wordpress-backup-and-staging-by-wp-time-capsule-plugin-1-22-21-php-object-injection-vulnerability?_s_id=cve
Weakness: CWE-502: Deserialization of Untrusted Data
CVE-2024-48020 – WordPress Backup and Staging by WP Time Capsule plugin <= 1.22.21 - SQL Injection vulnerability
https://notcve.org/view.php?id=CVE-2024-48020
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Revmakx Backup and Staging by WP Time Capsule allows SQL Injection. This issue affects Backup and Staging by WP Time Capsule: from n/a through 1.22.21. The Backup and Staging by WP Time Capsule plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 1.22.21 due to insufficient escaping on the user-supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with contributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
References: https://patchstack.com/database/vulnerability/wp-time-capsule/wordpress-backup-and-staging-by-wp-time-capsule-plugin-1-22-21-sql-injection-vulnerability?_s_id=cve
Weakness: CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2024-38770 – WordPress Backup and Staging by WP Time Capsule plugin <= 1.22.20 - Authentication Bypass and Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-38770
Improper Privilege Management vulnerability in Revmakx Backup and Staging by WP Time Capsule allows Privilege Escalation and Authentication Bypass. This issue affects Backup and Staging by WP Time Capsule: from n/a through 1.22.20. The Backup and Staging by WP Time Capsule plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.22.20. This is due to the wptc_decode_auth_token() function using a loose comparison. This makes it possible for unauthenticated attackers to bypass authentication and access user accounts, including those that may have administrative access. This vulnerability does require a site to have a connection to wptimecapsule.com in order to be exploited.
References: https://patchstack.com/database/vulnerability/wp-time-capsule/wordpress-backup-and-staging-by-wp-time-capsule-plugin-1-22-20-authentication-bypass-and-privilege-escalation-vulnerability?_s_id=cve
Weaknesses: CWE-269: Improper Privilege Management; CWE-288: Authentication Bypass Using an Alternate Path or Channel
CVE-2020-8771 – Backup and Staging by WP Time Capsule <= 1.21.15 - Authentication Bypass
https://notcve.org/view.php?id=CVE-2020-8771
The Time Capsule plugin before 1.21.16 for WordPress has an authentication bypass. Any request containing IWP_JSON_PREFIX causes the client to be logged in as the first account on the list of administrator accounts.
References: https://wpvulndb.com/vulnerabilities/10010 ; https://www.webarxsecurity.com/vulnerability-infinitewp-client-wp-time-capsule
Weaknesses: CWE-287: Improper Authentication; CWE-288: Authentication Bypass Using an Alternate Path or Channel