PT-2012-1866 · WordPress · Backwpup

🗓️ 08 Oct 2012 00:00:00Reported by Positive TechnologiesType

ptsecurity

ptsecurity🔗 dbugs.ptsecurity.com👁 1 Views

BackWPup before 1.7.2 allows remote PHP code execution via wpabs URL in export file; update to 1.7.2+.

Reporter	Title	Published	Views	Family All 10
Circl	CVE-2011-4342	13 Mar 202613:52	–	circl
CVE	CVE-2011-4342	8 Oct 201218:00	–	cve
Cvelist	CVE-2011-4342	8 Oct 201218:00	–	cvelist
EUVD	EUVD-2011-4274	7 Oct 202500:30	–	euvd
NVD	CVE-2011-4342	8 Oct 201218:55	–	nvd
OpenVAS	WordPress BackWPup Plugin < 1.7.1 'wpabs' Parameter Remote PHP Code Execution Vulnerability - Active Check	1 Apr 201100:00	–	openvas
Patchstack	WordPress BackWPup Plugin - Remote and Local Code Execution	28 Mar 201100:00	–	patchstack
Prion	Remote file inclusion	8 Oct 201218:55	–	prion
RedhatCVE	CVE-2011-4342	22 May 202505:59	–	redhatcve
WPVulnDB	Backwpup < 1.7.2 - Remote File Inclusion	28 Mar 201100:00	–	wpvulndb

Source	Link
senseofsecurity	www.senseofsecurity.com.au/advisories/SOS-11-003.pdf
exploit-db	www.exploit-db.com/exploits/17056
openwall	www.openwall.com/lists/oss-security/2011/11/22/7
openwall	www.openwall.com/lists/oss-security/2011/11/22/10
osvdb	www.osvdb.org/71481
exploit-db	www.exploit-db.com/exploits/17056
packetstormsecurity	www.packetstormsecurity.org/files/view/99799/SOS-11-003.txt
seclists	www.seclists.org/fulldisclosure/2011/Mar/328
secunia	www.secunia.com/advisories/43565
nvd	www.nvd.nist.gov/vuln/detail/CVE-2011-4342

14 Feb 2024 00:00Current

7.3High risk

Vulners AI Score7.3

CVSS 27.5

EPSS0.03999

backwpup plugin vulnerable versions remote code execution wpabs parameter export file update recommendation