{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T02:18:30.205","vulnerabilities":[{"cve":{"id":"CVE-2023-40004","sourceIdentifier":"audit@patchstack.com","published":"2024-06-19T12:15:09.687","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Missing Authorization vulnerability in ServMask All-in-One WP Migration Box Extension, ServMask All-in-One WP Migration OneDrive Extension, ServMask All-in-One WP Migration Dropbox Extension, ServMask All-in-One WP Migration Google Drive Extension.This issue affects All-in-One WP Migration Box Extension: from n/a through 1.53; All-in-One WP Migration OneDrive Extension: from n/a through 1.66; All-in-One WP Migration Dropbox Extension: from n/a through 3.75; All-in-One WP Migration Google Drive Extension: from n/a through 2.79."},{"lang":"es","value":"Vulnerabilidad de autorización faltante en ServMask All-in-One WP Migration Box Extension, ServMask All-in-One WP Migration OneDrive Extension, ServMask All-in-One WP Migration Dropbox Extension, ServMask All-in-One WP Migration Google Drive Extension. El problema afecta a la extensión All-in-One WP Migration Box: desde n/a hasta 1.53; Extension OneDrive de migración de WP todo en uno: desde n/a hasta 1.66; Extension de Dropbox de migración de WP todo en uno: desde n/a hasta 3.75; Extension de Google Drive de migración de WP todo en uno: desde n/a hasta 2.79."}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":3.4}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"references":[{"url":"https://patchstack.com/articles/pre-auth-access-token-manipulation-in-all-in-one-wp-migration-extensions?_s_id=cve","source":"audit@patchstack.com"},{"url":"https://patchstack.com/database/vulnerability/all-in-one-wp-migration-box-extension/wordpress-all-in-one-wp-migration-box-extension-plugin-1-53-unauthenticated-access-token-manipulation-vulnerability?_s_id=cve","source":"audit@patchstack.com"},{"url":"https://patchstack.com/database/vulnerability/all-in-one-wp-migration-dropbox-extension/wordpress-all-in-one-wp-migration-dropbox-extension-plugin-3-75-unauthenticated-access-token-manipulation-vulnerability?_s_id=cve","source":"audit@patchstack.com"},{"url":"https://patchstack.com/database/vulnerability/all-in-one-wp-migration-gdrive-extension/wordpress-all-in-one-wp-migration-google-drive-extension-plugin-2-79-unauthenticated-access-token-manipulation-vulnerability?_s_id=cve","source":"audit@patchstack.com"},{"url":"https://patchstack.com/database/vulnerability/all-in-one-wp-migration-onedrive-extension/wordpress-all-in-one-wp-migration-onedrive-extension-plugin-1-66-unauthenticated-access-token-manipulation-vulnerability?_s_id=cve","source":"audit@patchstack.com"},{"url":"https://patchstack.com/articles/pre-auth-access-token-manipulation-in-all-in-one-wp-migration-extensions?_s_id=cve","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://patchstack.com/database/vulnerability/all-in-one-wp-migration-box-extension/wordpress-all-in-one-wp-migration-box-extension-plugin-1-53-unauthenticated-access-token-manipulation-vulnerability?_s_id=cve","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://patchstack.com/database/vulnerability/all-in-one-wp-migration-dropbox-extension/wordpress-all-in-one-wp-migration-dropbox-extension-plugin-3-75-unauthenticated-access-token-manipulation-vulnerability?_s_id=cve","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://patchstack.com/database/vulnerability/all-in-one-wp-migration-gdrive-extension/wordpress-all-in-one-wp-migration-google-drive-extension-plugin-2-79-unauthenticated-access-token-manipulation-vulnerability?_s_id=cve","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://patchstack.com/database/vulnerability/all-in-one-wp-migration-onedrive-extension/wordpress-all-in-one-wp-migration-onedrive-extension-plugin-1-66-unauthenticated-access-token-manipulation-vulnerability?_s_id=cve","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}