Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
wpvulndbWpvulndbWPVDB-ID:EF7BF35C-1E02-48AB-B9CC-E1F435FE3F49
HistoryOct 20, 2023 - 12:00 a.m.

Migration, Backup, Staging - WPvivid < 0.9.92 - Unauthenticated Sensitive Information Exposure

2023-10-2000:00:00
wpscan.com
2
wordpress
sensitive information exposure
unauthenticated access

AI Score

9.1

Confidence

High

EPSS

0.001

Percentile

35.6%

JSON

Description The Migration, Backup, Staging - WPvivid plugin for WordPress exposes sensitive information to unauthenticated users via Google Drive API secrets stored in plaintext in the publicly visible plugin source. This could allow unauthenticated attackers to impersonate the WPVivid Google Drive account via the API if they can trick a user into reauthenticating via another vulnerability or social engineering.

Related

openvas 1
cve 1
prion 1
cvelist 1
nvd 1
wordfence 1
openvas
openvas
WordPress Migration, Backup, Staging - WPvivid Plugin < 0.9.92 Information Disclosure Vulnerability
2023-10-26 00:00:00
cve
cve
CVE-2023-5576
2023-10-20 07:15:17
prion
prion
Design/Logic Flaw
2023-10-20 07:15:00
cvelist
cvelist
CVE-2023-5576
2023-10-20 06:35:20
nvd
nvd
CVE-2023-5576
2023-10-20 07:15:17
wordfence
wordfence
Wordfence Intelligence Weekly WordPress Vulnerability Report (October 9, 2023 to October 15, 2023)
2023-10-19 15:52:27

AI Score

9.1

Confidence

High

EPSS

0.001

Percentile

35.6%

JSON
Related for WPVDB-ID:EF7BF35C-1E02-48AB-B9CC-E1F435FE3F49
openvas1cve1prion1cvelist1nvd1wordfence1