Description
WordPress Plugin Migration, Backup, Staging-WPvivid is prone to a vulnerability that lets attackers delete arbitrary files because the application fails to properly verify user-supplied input. An attacker can exploit this vulnerability to delete arbitrary files in the context of the webserver process. WordPress Plugin Migration, Backup, Staging-WPvivid version 0.9.76 is vulnerable.
Remediation
Update to plugin version 0.9.77 or latest
References
https://wpscan.com/vulnerability/605bc4bf-0a26-4d77-8e0c-cdc5fb58b817
https://plugins.svn.wordpress.org/wpvivid-backuprestore/trunk/readme.txt
Related Vulnerabilities
WordPress Plugin PDF Flipbook, 3D Flipbook WordPress-DearFlip Unspecified Vulnerability (1.7.12)
WordPress Plugin s2member Secure File Browser Cross-Site Scripting (0.4.16)
WordPress Other Vulnerability (CVE-2007-1230)
SharePoint CVE-2020-17060 Vulnerability (CVE-2020-17060)
WordPress Plugin WP Instagram-Best Instagram Feeds Cross-Site Scripting (1.0.19)