CVE-2023-7232

2024-03-2605:15:48

[email protected]

web.nvd.nist.gov

wordpress

plugin

vulnerability

sensitive information

unauthenticated access

log files

6.3 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.1%

JSON

The Backup and Restore WordPress WordPress plugin through 1.45 does not protect some log files containing sensitive information such as site configuration etc, allowing unauthenticated users to access such data

Affected configurations

Vulners

Node

cloudfoundrybosh_backup_and_restoreRange≤1.45

VendorProductVersionCPE
cloudfoundrybosh_backup_and_restore*cpe:2.3:a:cloudfoundry:bosh_backup_and_restore:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cloudfoundry	bosh_backup_and_restore	*	cpe:2.3:a:cloudfoundry:bosh_backup_and_restore::::::::

CNA Affected

[
  {
    "vendor": "Unknown",
    "product": "Backup and Restore WordPress ",
    "versions": [
      {
        "status": "affected",
        "versionType": "semver",
        "version": "0",
        "lessThanOrEqual": "1.45"
      }
    ],
    "defaultStatus": "affected"
  }
]

References

wpscan.com/vulnerability/323fef8a-aa17-4698-9a02-c12d1d390763/