CVE-2025-3455 – WordPress 1 Click Migration Plugin Remote File Upload Vulnerability

May 9, 2025

CVE ID : CVE-2025-3455

Published : May 9, 2025, 7:16 a.m. | 59 minutes ago

Description : The 1 Click WordPress Migration Plugin – 100% FREE for a limited time plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ‘start_restore’ function in all versions up to, and including, 2.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site’s server which may make remote code execution possible.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-3710 – “KVM Over IP Switch CL5708IM Stack-based Buffer Overflow Vulnerability”

Next Article CVE-2025-3605 – WordPress Frontend Login and Registration Blocks Privilege Escalation Vulnerability

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

This $4 Steam Deck game includes the most-played classics from my childhood — and it will save you paper

Microsoft shares rare look at radical Windows 11 Start menu designs it explored before settling on the least interesting one of the bunch

NVIDIA’s new GPU driver adds DOOM: The Dark Ages support and improves DLSS in Microsoft Flight Simulator 2024

How to install and use Ollama to run AI LLMs on your Windows 11 PC

Community News: Latest PECL Releases (05.13.2025)

Community News: Latest PECL Releases (05.13.2025)

How We Use Epic Branches. Without Breaking Our Flow.

I think the ergonomics of generators is growing on me.

This $4 Steam Deck game includes the most-played classics from my childhood — and it will save you paper

This $4 Steam Deck game includes the most-played classics from my childhood — and it will save you paper

Microsoft shares rare look at radical Windows 11 Start menu designs it explored before settling on the least interesting one of the bunch

NVIDIA’s new GPU driver adds DOOM: The Dark Ages support and improves DLSS in Microsoft Flight Simulator 2024

CVE-2025-3455 – WordPress 1 Click Migration Plugin Remote File Upload Vulnerability

U.S. Charges Yemeni Hacker Behind Black Kingdom Ransomware Targeting 1,500 Systems

Iranian Hackers Maintain 2-Year Access to Middle East CNI via VPN Flaws and Malware

Rediscovering Plan9 from Bell Labs

How to Create Decoy File System in Linux Using FUSE

October is the Cyber Security Month: stats, events and advice

Distribution Release: PorteuX 1.8

LlamaParse: An API by LlamaIndex to Efficiently Parse and Represent Files for Efficient Retrieval and Context Augmentation Using LlamaIndex Frameworks

Healthcare messaging matrix: 4 ways this asset can supercharge your content strategy

TxAgent: An AI Agent that Delivers Evidence-Grounded Treatment Recommendations by Combining Multi-Step Reasoning with Real-Time Biomedical Tool Integration

Design like Apple

CVE-2025-3455 – WordPress 1 Click Migration Plugin Remote File Upload Vulnerability

Related Posts