InstaWP Connect – 1-click WP Staging & Migration

Vulnerabilities 17Slug instawp-connectLatest version 0.1.3.2WordPress.org →

Minimum safe version

0.1.2.7

Update to 0.1.2.7 or later to address 17 fixable vulnerabilities

Latest available0.1.3.2 ✓

Medium 5.4

2026-04-08< 0.1.2.7

CVE-2026-39504

CVE Wordfence

Medium 6.5

2025-12-18< 0.1.2.0

CVE-2025-66068

CVE Wordfence

Critical 9.8

2025-04-11< 0.1.0.86

InstaWP Connect <= 0.1.0.85 - Unauthenticated Local PHP File Inclusion

EUVD Wordfence CVE

High 7.5

2025-03-31< 0.1.0.83

CVE-2025-31387

CVE EUVD Wordfence

High 8.8

2025-03-14< 0.1.0.84

CVE-2024-13913

CVE EUVD Patchstack Wordfence

Critical 9.8

2024-07-11< 0.1.0.45

CVE-2024-6397

CVE Wordfence Patchstack

N/A

< 0.1.0.9

InstaWP Connect < 0.1.0.9 - Cross-Site Request Forgery via create_file_db_manager

WPScan

Critical 10.0

2024-06-24< 0.1.0.39

CVE-2024-37228

CVE Patchstack Wordfence

Critical 9.8

2024-06-12< 0.1.0.39

CVE-2024-4898

CVE Patchstack Wordfence

Medium 4.3

2024-06-09< 0.1.0.25

CVE-2024-32701

CVE Patchstack Wordfence

Critical 9.8

2024-05-02< 0.1.0.23

CVE-2024-2667

CVE Wordfence Patchstack

Critical 9.9

2024-04-03< 0.1.0.9

CVE-2024-25918

CVE Wordfence Patchstack WPScan

High 8.5

2024-01-31< 0.1.0.10

CVE-2024-23507

CVE Wordfence Patchstack WPScan

High 7.7

2024-01-26< 0.1.0.10

CVE-2024-23506

CVE Wordfence Patchstack WPScan

High 8.8

2024-05-17< 0.1.0.9

CVE-2024-22145

CVE Wordfence Patchstack WPScan

N/A

2024-01-12< 0.1.0.9

InstaWP Connect <= 0.1.0.8 - Cross-Site Request Forgery via create_file_db_manager

Wordfence

Critical 9.8

2023-07-27< 0.0.9.19

CVE-2023-3956

CVE Patchstack Wordfence WPScan