exploitDog

CVE-2023-7165

Опубликовано: 27 фев. 2024

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

The JetBackup WordPress plugin before 2.0.9.9 doesn't use index files to prevent public directory listing of sensitive directories in certain configurations, which allows malicious actors to leak backup files.

Ссылки

https://wpscan.com/vulnerability/ad1ef4c5-60c1-4729-81dd-f626aa0ce3fe/
Exploit
Third Party Advisory
https://wpscan.com/vulnerability/ad1ef4c5-60c1-4729-81dd-f626aa0ce3fe/
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:jetbackup:jetbackup:*:*:*:*:*:wordpress:*:*

Версия до 2.0.9.9 (исключая)

EPSS

Процентиль: 70%

0.00649

Низкий

7.5 High

CVSS3

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-p53g-6cxv-378j

CVSS3: 7.5

github

почти 2 года назад

The JetBackup WordPress plugin before 2.0.9.9 doesn't use index files to prevent public directory listing of sensitive directories in certain configurations, which allows malicious actors to leak backup files.

EPSS

Процентиль: 70%

0.00649

Низкий

7.5 High

CVSS3

Дефекты

NVD-CWE-noinfo