All-in-One WP Migration and Backup

Vulnerabilities 20Slug all-in-one-wp-migrationLatest version 7.105WordPress.org →

Minimum safe version

7.98

Update to 7.98 or later to address 20 fixable vulnerabilities

Latest available7.105
Medium 4.4
2025-08-26< 7.98

All-in-One WP Migration and Backup <= 7.97 - Authenticated (Administrator+) Stored Cross-Site Scripting via Import

WordfenceEUVDCVE
N/A
2014-11-05< 2.0.3

All-in-One WP Migration <= 2.0.2 - Authorization Bypass to Arbitrary File Upload

Wordfence
N/A
2015-03-19< 2.0.5

All-in-One WP Migration <= 2.0.4 - Missing Authorization to Database Export

Wordfence
N/A
2017-06-20< 6.46

All-in-One WP Migration <= 6.45 - Reflected Cross-Site Scripting

Wordfence
N/A
2019-07-18< 7.0

All-in-One WP Migration <= 6.97 - Authenticated Stored Cross-Site Scripting

Wordfence
N/A
2020-01-20< 7.15

All-in-One WP Migration <= 7.14 - Unauthenticated Backup Download

Wordfence
N/A
2022-08-15< 7.63

All-in-One WP Migration <= 7.62 - Authenticated (Admin+) Cross-Site Scripting

Wordfence
N/A
< 2.0.5

All-in-One WP Migration &lt; 2.0.5 - Unauthenticated Database Export

WPScan
N/A
< 6.46

All-in-One WP Migration &lt; 6.46 - Reflected Cross-Site Scripting (XSS)

WPScan
N/A
< 7.0

All-in-One WP Migration &lt; 7.0 - Authenticated Cross-Site Scripting (XSS)

WPScan
N/A
< 7.15

All-in-One WP Migration &lt; 7.15 - Arbitrary Backup Download

WPScan
N/A
2015-03-19< 2.0.5

WordPress Migration Plugin <= 2.0.4 - Unauthenticated Database Export

Patchstack
N/A
2019-07-18< 7.0

WordPress All-in-One WP Migration plugin <= 6.97 - Cross-Site Scripting (XSS) vulnerability (admin backend)

Patchstack
N/A
2020-03-25< 7.15

WordPress All-in-One WP Migration plugin <= 7.14 - Arbitrary Backup Download vulnerability

Patchstack