CVE-2024-12330 WP Database Backup – Unlimited Database & Files Backup by Backup for WP <= 7.3 - Unauthenticated Database Back-Up Exposure

The WP Database Backup – Unlimited Database & Files Backup by Backup for WP plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7.3 via publicly accessible back-up files. This makes it possible for unauthenticated attackers to extract sensiti...

CVE-2024-12330 WP Database Backup – Unlimited Database & Files Backup by Backup for WP <= 7.3 - Unauthenticated Database Back-Up Exposure

The WP Database Backup – Unlimited Database & Files Backup by Backup for WP plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7.3 via publicly accessible back-up files. This makes it possible for unauthenticated attackers to extract sensiti...

CVE-2024-12330

CVE-2024-12330 applies to WP Database Backup – Unlimited Database & Files Backup by Backup for WP (WordPress). The vulnerability enables Sensitive Information Exposure via publicly accessible backup files in all versions up to 7.3, allowing unauthenticated attackers to extract database data. Root...

WordPress plugin WP Database Backup 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...

PT-2025-1819 · WordPress · Wp Database Backup

Name of the Vulnerable Software and Affected Versions: WP Database Backup – Unlimited Database & Files Backup by Backup for WP plugin for WordPress versions up to, and including, 7.3 Description: The issue allows unauthenticated attackers to extract sensitive data, including all information store...

WordPress WP Database Backup plugin <= 7.3 - Unauthenticated Database Back-Up Exposure vulnerability

Unauthenticated Database Back-Up Exposure vulnerability discovered by Noah Stead TurtleBurg in WordPress Plugin WP Database Backup versions = 7.3...

CVE-2024-12850 Database Backup and check Tables Automated With Scheduler 2024 <= 2.32 - Authenticated (Admin+) Arbitrary File Read

The Database Backup and check Tables Automated With Scheduler 2024 plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.32 via the databasebackupajaxdownload function. This makes it possible for authenticated attackers, with administrator-level access...

CVE-2024-12850 Database Backup and check Tables Automated With Scheduler 2024 <= 2.32 - Authenticated (Admin+) Arbitrary File Read

The Database Backup and check Tables Automated With Scheduler 2024 plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.32 via the databasebackupajaxdownload function. This makes it possible for authenticated attackers, with administrator-level access...

WordPress Database Backup plugin <= 2.32 - Authenticated (Admin+) Arbitrary File Read vulnerability

Authenticated Admin+ Arbitrary File Read vulnerability discovered by sterva in WordPress Plugin Database Backup versions = 2.32...

PT-2024-17767 · WordPress · Database Backup/Check Tables Automated With Scheduler 2024

Name of the Vulnerable Software and Affected Versions: Database Backup and check Tables Automated With Scheduler 2024 plugin for WordPress versions up to, and including, 2.32 Description: The issue allows authenticated attackers with administrator-level access and above to read the contents of...

WordPress plugin Database Backup and check Tables Automated With Scheduler 路径遍历漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A path traversal vulnerability exists in...

CVE-2024-12482

A vulnerability was found in cjbi wetech-cms 1.0/1.1/1.2. It has been rated as problematic. Affected by this issue is the function backup of the file wetech-cms-master\wetech-basic-common\src\main\java\tech\wetech\basic\util\BackupFileUtil.java of the component Database Backup Handler. The...

CVE-2024-12482 cjbi wetech-cms Database Backup BackupFileUtil.java backup path traversal

A vulnerability was found in cjbi wetech-cms 1.0/1.1/1.2. It has been rated as problematic. Affected by this issue is the function backup of the file wetech-cms-master\wetech-basic-common\src\main\java\tech\wetech\basic\util\BackupFileUtil.java of the component Database Backup Handler. The...

CVE-2024-12482 cjbi wetech-cms Database Backup BackupFileUtil.java backup path traversal

A vulnerability was found in cjbi wetech-cms 1.0/1.1/1.2. It has been rated as problematic. Affected by this issue is the function backup of the file wetech-cms-master\wetech-basic-common\src\main\java\tech\wetech\basic\util\BackupFileUtil.java of the component Database Backup Handler. The...

CVE-2024-12482

CVE-2024-12482 affects cjbi wetech-cms versions 1.0–1.2, specifically the Database Backup Handler’s BackupFileUtil.java. The root cause is a path traversal vulnerability caused by manipulation of the backup function argument name (example: '../filedir'). The vulnerability can be triggered remotel...

CVE-2024-54153

In JetBrains YouTrack before 2024.3.51866 unauthenticated database backup download was possible via vulnerable query parameter...

CVE-2024-54153

In JetBrains YouTrack before 2024.3.51866 unauthenticated database backup download was possible via vulnerable query parameter...

CVE-2024-54153

In JetBrains YouTrack before 2024.3.51866 unauthenticated database backup download was possible via vulnerable query parameter...

CVE-2024-54153

In JetBrains YouTrack before 2024.3.51866 unauthenticated database backup download was possible via vulnerable query parameter...

CVE-2024-54153

CVE-2024-54153 applies to JetBrains YouTrack versions prior to 2024.3.51866. The Red Hat and other sources confirm an information disclosure where an unauthenticated database backup could be downloaded via a vulnerable query parameter. The issue stems from missing access control on that parameter...