Описание
The Backup Migration plugin for WordPress is vulnerable to OS Command Injection in all versions up to, and including, 1.3.9 via the 'url' parameter. This vulnerability allows authenticated attackers, with administrator-level permissions and above, to execute arbitrary commands on the host operating system.
Ссылки
- Exploit
- Exploit
- Exploit
- Patch
- PatchThird Party Advisory
- Third Party Advisory
- Exploit
- Exploit
- Exploit
- Patch
- PatchThird Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.4.0 (исключая)
cpe:2.3:a:backupbliss:backup_migration:*:*:*:*:*:wordpress:*:*
EPSS
Процентиль: 96%
0.23154
Средний
7.2 High
CVSS3
Дефекты
CWE-78
Связанные уязвимости
CVSS3: 7.2
github
около 2 лет назад
The Backup Migration plugin for WordPress is vulnerable to OS Command Injection in all versions up to, and including, 1.3.9 via the 'url' parameter. This vulnerability allows authenticated attackers, with administrator-level permissions and above, to execute arbitrary commands on the host operating system.
EPSS
Процентиль: 96%
0.23154
Средний
7.2 High
CVSS3
Дефекты
CWE-78