CVE-2023-7232 Backup and Restore WordPress <= 1.45 - Unauthenticated Sensitive Data Exposure

2024-03-2605:00:02

WPScan

www.cve.org

cve-2023-7232

wordpress plugin

sensitive data

6.3 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

The Backup and Restore WordPress WordPress plugin through 1.45 does not protect some log files containing sensitive information such as site configuration etc, allowing unauthenticated users to access such data

CNA Affected

[
  {
    "vendor": "Unknown",
    "product": "Backup and Restore WordPress ",
    "versions": [
      {
        "status": "affected",
        "versionType": "semver",
        "version": "0",
        "lessThanOrEqual": "1.45"
      }
    ],
    "defaultStatus": "affected"
  }
]

References

wpscan.com/vulnerability/323fef8a-aa17-4698-9a02-c12d1d390763/