Lucene search

K

BackUpWordPress Security Vulnerabilities

cve
cve

CVE-2024-3034

The BackUpWordPress plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 3.13 via the hmbkp_directory_browse parameter. This makes it possible for authenticated attackers, with administrator-level access and above, to traverse directories outside of the...

2.7CVSS

6.4AI Score

0.0004EPSS

2024-04-27 05:15 AM
28
cve
cve

CVE-2022-4931

The BackupWordPress plugin for WordPress is vulnerable to information disclosure in versions up to, and including 3.12. This is due to missing authorization on the heartbeat_received() function that triggers on WordPress heartbeat. This makes it possible for authenticated attackers, with...

4.3CVSS

4.2AI Score

0.001EPSS

2023-03-07 03:15 PM
11
cve
cve

CVE-2007-5800

Multiple PHP remote file inclusion vulnerabilities in the BackUpWordPress 0.4.2b and earlier plugin for WordPress allow remote attackers to execute arbitrary PHP code via a URL in the bkpwp_plugin_path parameter to (1) plugins/BackUp/Archive.php; and (2) Predicate.php, (3) Writer.php, (4)...

7.8AI Score

0.114EPSS

2007-11-03 12:46 AM
16
4