7 matches found

Nuclei
added yesterday, 14 views

WordPress Backup Migration <= 1.3.6 - Path Traversal

WordPress Backup Migration plugin versions up to 1.3.6 contain a path traversal and file validation issue in handledownloading function, letting unauthenticated attackers download backup files containing sensitive information. id: CVE-2023-6266 info: name: WordPress Backup Migration <= 1.3.6 - Pat...

CVSS 7.5 | AI score 7 | EPSS 0.02072
Exploits: 0 | References: 4

RedhatCVE
added 2025/05/23 2:7 a.m., 9 views

CVE-2023-6266

The Backup Migration plugin for WordPress is vulnerable to unauthorized access of data due to insufficient path and file validation on the BMIBACKUP case of the handledownloading function in all versions up to, and including, 1.3.6. This makes it possible for unauthenticated attackers to download...

CVSS 7.5 | AI score 6.4 | EPSS 0.02072
Exploits: 0 | References: 1

Circl
added 2024/01/11 10:26 a.m., 7 views

CVE-2023-6266

creationtimestamp | type | source
---|---|---
2024-01-11 10:26:29+00:00 | seen | https://t.me/ctinow/166422
2025-12-19 21:03:10+00:00 | seen | https://bsky.app/profile/beikokucyber.bsky.social/post/3maelni5lsm23
2026-06-23 14:06:11+00:00 | exploited | ...

CVSS 7.5 | AI score 7.2 | EPSS 0.02072
Exploits: 0 | References: 4

CVE
added 2024/01/11 8:32 a.m., 100 views

CVE-2023-6266

CVE-2023-6266 - WordPress Backup Migration plugin: Concrete details show a path traversal/file validation flaw in the BMI_BACKUP path within the handle_downloading function, affecting all versions up to 1.3.6. Unauthenticated attackers can download backup files containing sensitive data (e.g., p...

CVSS 7.5 | AI score 7.2 | EPSS 0.02072
In wild | Exploits: 0 | References: 4 | Affected Software: 1

Patchstack
added 2023/12/01 12:0 a.m., 19 views

WordPress Backup Migration Plugin <= 1.3.6 is vulnerable to Sensitive Data Exposure

Software: Backup Migration | Type: Plugin | Vulnerable versions: <= 1.3.6 | Fixed in: 1.3.7 | OWASP Top 10: A5: Security Misconfiguration | Classification: Sensitive Data Exposure | CVE: CVE-2023-6266 | Patch priority: High | CVSS severity: High 7.5 | Developer: Claim ownership | PSID: 7df0ea44f3d7 | Credits: Rafshanzani Suhada...

CVSS 7.5 | AI score 6.5 | EPSS 0.02072
Exploits: 0 | References: 3 | Affected Software: 1

Tenable Nessus
added 2023/11/03 12:0 a.m., 28 views

Oracle Linux 9 : squid (ELSA-2023-6266)

The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-6266 advisory. - Improve HTTP chunked encoding compliance CVE-2023-46846 - Fix stack buffer overflow when parsing Digest Authorization CVE-2023-46847 Tenable has...

CVSS 9.3 | AI score 7.3 | EPSS 0.85944
Exploits: 0 | References: 4

Tenable Nessus
added 2023/11/02 12:0 a.m., 38 views

RHEL 9 : squid (RHSA-2023:6266)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:6266 advisory. Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fixes: SQUID-2023:...

CVSS 9.3 | AI score 7 | EPSS 0.85944
Exploits: 0 | References: 9