70 matches found
CVE-2013-2741
The CVE-2013-2741 issue affects the WordPress BackupBuddy plugin (importbuddy.php) in versions including 1.3.4, 2.1.4, 2.2.25, 2.2.28 and 2.2.4. The vulnerability arises because importbuddy.php does not require authentication, enabling remote attackers to obtain sensitive information or to overwr...
CVE-2013-2742
CVE-2013-2742 affects the WordPress BackupBuddy plugin via importbuddy.php. Affected versions: 1.3.4, 2.1.4, 2.2.25, 2.2.28, and 2.2.4. The root cause is that importbuddy.php does not reliably delete itself after completing a restore, enabling remote attackers to gain access through subsequent re...
CVE-2013-2742
importbuddy.php in the BackupBuddy plugin 1.3.4, 2.1.4, 2.2.25, 2.2.28, and 2.2.4 for WordPress does not reliably delete itself after completing a restore operation, which makes it easier for remote attackers to obtain access via subsequent requests to this script...
CVE-2013-2744
CVE-2013-2744 affects WordPress BackupBuddy plugin, version 2.2.25, via importbuddy.php. The vulnerability allows remote attackers to disclose configuration information by triggering a step 0 phpinfo action that calls phpinfo. Impact is information disclosure of configuration data; no exploit det...
CVE-2013-2741
importbuddy.php in the BackupBuddy plugin 1.3.4, 2.1.4, 2.2.25, 2.2.28, and 2.2.4 for WordPress does not require that authentication be enabled, which allows remote attackers to obtain sensitive information, or overwrite or delete files, via vectors involving a 1 direct request, 2 step=1 request,...
WordPress BackupBuddy Plugin <= 2.2.25 - Sensitive Data Exposure
This vulnerability is in importbuddy.php. It allows remote attackers to obtain configuration information via a step 0 phpinfo action. Solution Update the plugin...
WordPress BackupBuddy Plugin <= 2.2.4 - Sensitive Data Exposure #3
This vulnerability is in the importbuddy.php. It allows the attackers to obtain sensitive information, or overwrite or delete files. Solution Update the plugin...
WordPress BackupBuddy Plugin <= 2.2.4 - Sensitive Data Exposure #2
Because of this vulnerability in the importbuddy.php, the plugin does not reliably delete itself after completing a restore operation. In that way the attackers can obtain access via subsequent requests to this script. Solution Update the plugin...
WordPress BackupBuddy Plugin <= 2.2.4 - Sensitive Data Exposure #1
This vulnerability is in the importbuddy.php. It allows the attackers to bypass authentication via a crafted integer in the "step" parameter. Solution Update the plugin...
Backupbuddy - importbuddy.php Restore Operation Persistence Weakness
The backupbuddy WordPress plugin was affected by an importbuddy.php Restore Operation Persistence Weakness security vulnerability...