Lucene search
K

70 matches found

CVE
CVE
added 2013/04/02 10:0 a.m.52 views

CVE-2013-2741

The CVE-2013-2741 issue affects the WordPress BackupBuddy plugin (importbuddy.php) in versions including 1.3.4, 2.1.4, 2.2.25, 2.2.28 and 2.2.4. The vulnerability arises because importbuddy.php does not require authentication, enabling remote attackers to obtain sensitive information or to overwr...

7.5CVSS6.9AI score0.02563EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2013/04/02 10:0 a.m.52 views

CVE-2013-2742

CVE-2013-2742 affects the WordPress BackupBuddy plugin via importbuddy.php. Affected versions: 1.3.4, 2.1.4, 2.2.25, 2.2.28, and 2.2.4. The root cause is that importbuddy.php does not reliably delete itself after completing a restore, enabling remote attackers to gain access through subsequent re...

7.5CVSS6.7AI score0.0243EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2013/04/02 10:0 a.m.28 views

CVE-2013-2742

importbuddy.php in the BackupBuddy plugin 1.3.4, 2.1.4, 2.2.25, 2.2.28, and 2.2.4 for WordPress does not reliably delete itself after completing a restore operation, which makes it easier for remote attackers to obtain access via subsequent requests to this script...

6.5AI score0.0243EPSS
Exploits1References2
CVE
CVE
added 2013/04/02 10:0 a.m.41 views

CVE-2013-2744

CVE-2013-2744 affects WordPress BackupBuddy plugin, version 2.2.25, via importbuddy.php. The vulnerability allows remote attackers to disclose configuration information by triggering a step 0 phpinfo action that calls phpinfo. Impact is information disclosure of configuration data; no exploit det...

5CVSS6.5AI score0.02136EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2013/04/02 10:0 a.m.36 views

CVE-2013-2741

importbuddy.php in the BackupBuddy plugin 1.3.4, 2.1.4, 2.2.25, 2.2.28, and 2.2.4 for WordPress does not require that authentication be enabled, which allows remote attackers to obtain sensitive information, or overwrite or delete files, via vectors involving a 1 direct request, 2 step=1 request,...

6.7AI score0.02563EPSS
Exploits1References2
Patchstack
Patchstack
added 2013/04/01 12:0 a.m.30 views

WordPress BackupBuddy Plugin <= 2.2.25 - Sensitive Data Exposure

This vulnerability is in importbuddy.php. It allows remote attackers to obtain configuration information via a step 0 phpinfo action. Solution Update the plugin...

5CVSS5.5AI score0.02136EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2013/04/01 12:0 a.m.26 views

WordPress BackupBuddy Plugin <= 2.2.4 - Sensitive Data Exposure #3

This vulnerability is in the importbuddy.php. It allows the attackers to obtain sensitive information, or overwrite or delete files. Solution Update the plugin...

7.5CVSS4.5AI score0.02563EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2013/04/01 12:0 a.m.19 views

WordPress BackupBuddy Plugin <= 2.2.4 - Sensitive Data Exposure #2

Because of this vulnerability in the importbuddy.php, the plugin does not reliably delete itself after completing a restore operation. In that way the attackers can obtain access via subsequent requests to this script. Solution Update the plugin...

7.5CVSS3.8AI score0.0243EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2013/04/01 12:0 a.m.27 views

WordPress BackupBuddy Plugin <= 2.2.4 - Sensitive Data Exposure #1

This vulnerability is in the importbuddy.php. It allows the attackers to bypass authentication via a crafted integer in the "step" parameter. Solution Update the plugin...

7.5CVSS6.3AI score0.02563EPSS
Exploits1References1Affected Software1
WPVulnDB
WPVulnDB
added 2013/03/24 12:0 a.m.24 views

Backupbuddy - importbuddy.php Restore Operation Persistence Weakness

The backupbuddy WordPress plugin was affected by an importbuddy.php Restore Operation Persistence Weakness security vulnerability...

7.5CVSS3.7AI score0.0243EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder