Description
WordPress Plugin All-in-One WP Migration is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently export a copy of the database, plugins, themes, and uploaded files. WordPress Plugin All-in-One WP Migration version 2.0.4 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 2.0.5 or latest
References
Related Vulnerabilities
Oracle HTTP Server Other Vulnerability (CVE-2006-5348)
MySQL CVE-2015-2566 Vulnerability (CVE-2015-2566)
MediaWiki Incorrect Authorization Vulnerability (CVE-2020-26121)
Internet Information Services Other Vulnerability (CVE-2002-1745)
WordPress Plugin Import XML and RSS Feeds Arbitrary File Upload (2.1.3)