exploitDog

GHSA-4v53-9g52-rm7v

Опубликовано: 08 апр. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

The BackWPup WordPress plugin before 4.0.4 does not prevent visitors from leaking key information about ongoing backups, allowing unauthenticated attackers to download backups of a site's database.

The BackWPup WordPress plugin before 4.0.4 does not prevent visitors from leaking key information about ongoing backups, allowing unauthenticated attackers to download backups of a site's database.

Ссылки

EPSS

Процентиль: 97%

0.34166

Средний

7.5 High

CVSS3

CVE ID

Связанные уязвимости

CVE-2023-7164

CVSS3: 7.5

nvd

почти 2 года назад

The BackWPup WordPress plugin before 4.0.4 does not prevent Directory Listing in its temporary backup folder, allowing unauthenticated attackers to download backups of a site's database.

EPSS

Процентиль: 97%

0.34166

Средний

7.5 High

CVSS3

CVE ID