CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

63 matches found

OSV•added 2023/03/07 2:15 p.m.•1 views

CVE-2020-36669

The JetBackup – WP Backup, Migrate & Restore plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including 1.3.9. This is due to missing nonce validation on the backupguardgetimportbackup function. This makes it possible for unauthenticated attackers to upload...

8.8CVSS5.9AI score

Exploits0References2

OSV•added 2023/03/07 2:15 p.m.•3 views

CVE-2020-36667

The JetBackup – WP Backup, Migrate & Restore plugin for WordPress is vulnerable to unauthorized back-up location changes in versions up to, and including 1.4.1 due to a lack of proper capability checking on the backupguardclouddropbox, backupguardcloudgdrive, and backupguardcloudoneDrive function...

5.4CVSS5.8AI score0.00483EPSS

Exploits0References2

NVD•added 2023/03/07 2:15 p.m.•11 views

CVE-2020-36668

The JetBackup – WP Backup, Migrate & Restore plugin for WordPress is vulnerable to sensitive information disclosure in versions up to, and including, 1.4.0 due to a lack of proper capability checking on the backupguardgetmanualmodal function called via an AJAX action. This makes it possible for...

4.3CVSS4.2AI score0.00639EPSS

Exploits0References3

NVD•added 2023/03/07 2:15 p.m.•12 views

CVE-2020-36669

8.8CVSS8.5AI score0.00408EPSS

Exploits0References3

NVD•added 2023/03/07 2:15 p.m.•12 views

CVE-2020-36667

5.4CVSS5AI score0.00483EPSS

Exploits0References3

Prion•added 2023/03/07 2:15 p.m.•17 views

Information disclosure

5.5CVSS5.1AI score0.00483EPSS

Exploits0References2Affected Software1

Prion•added 2023/03/07 2:15 p.m.•13 views

Information disclosure

4CVSS4.3AI score0.00639EPSS

Exploits0References2Affected Software1

Prion•added 2023/03/07 2:15 p.m.•18 views

Cross site request forgery (csrf)

6.8CVSS8.4AI score0.00408EPSS

Exploits0References2Affected Software1

CVE•added 2023/03/07 1:33 p.m.•43 views

CVE-2020-36669

The CVE applies to the WordPress plugin JetBackup – WP Backup, Migrate & Restore, affected up to version 1.3.9. The root cause is missing nonce validation in the backup_guard_get_import_backup() function, enabling Cross-Site Request Forgery that can let unauthenticated attackers upload arbitrary ...

8.8CVSS8.3AI score0.00408EPSS

Exploits0References3Affected Software1

Cvelist•added 2023/03/07 1:33 p.m.•17 views

CVE-2020-36669 JetBackup – WP Backup, Migrate & Restore <= 1.3.9 - Cross-Site Request Forgery to Arbitrary File Upload

8.8CVSS8.5AI score0.00408EPSS

Exploits0References2

Vulnrichment•added 2023/03/07 1:33 p.m.•9 views

CVE-2020-36669

8.8CVSS8.5AI score0.00408EPSS

Exploits0References2

CVE•added 2023/03/07 1:28 p.m.•37 views

CVE-2020-36668

The CVE concerns the JetBackup – WP Backup, Migrate & Restore plugin for WordPress (versions ≤ 1.4.0). Root cause: lack of proper capability checks on the backup_guard_get_manual_modal function invoked via an AJAX action. Impact: allows subscriber-level attackers and above to disclose database ta...

4.3CVSS4.2AI score0.00639EPSS

Exploits0References3Affected Software1

Vulnrichment•added 2023/03/07 1:28 p.m.•9 views

CVE-2020-36668 JetBackup – WP Backup, Migrate & Restore <= 1.4.0 - Sensitive Information Disclosure

4.3CVSS5.9AI score0.00639EPSS

Exploits0References2

CVE•added 2023/03/07 1:23 p.m.•43 views

CVE-2020-36667

The CVE affects the JetBackup – WP Backup, Migrate & Restore WordPress plugin (versions up to and including 1.4.1). Root cause: insufficient capability checks on backup_guard_cloud_dropbox, backup_guard_cloud_gdrive, and backup_guard_cloud_oneDrive, allowing authenticated users with minimal privi...

5.4CVSS5AI score0.00483EPSS

Exploits0References3Affected Software1

Vulnrichment•added 2023/03/07 1:23 p.m.•9 views

CVE-2020-36667

5.4CVSS5.1AI score0.00483EPSS

Exploits0References2

Cvelist•added 2023/03/07 1:23 p.m.•18 views

CVE-2020-36667 JetBackup – WP Backup, Migrate & Restore <= 1.4.1 - Missing Authorization to Unauthorized Backup Location Change

5.4CVSS5.1AI score0.00483EPSS

Exploits0References2

Positive Technologies•added 2023/03/07 12:0 a.m.•2 views

PT-2023-11836 · WordPress · Jetbackup

Name of the Vulnerable Software and Affected Versions: JetBackup – WP Backup, Migrate & Restore plugin for WordPress versions up to, and including 1.3.9 Description: The issue is due to missing nonce validation on the backup guard get import backup function, making it possible for unauthenticated...

8.8CVSS8.7AI score0.00408EPSS

Exploits0References7

Positive Technologies•added 2023/03/07 12:0 a.m.•3 views

PT-2023-11835 · WordPress · Jetbackup

Name of the Vulnerable Software and Affected Versions: JetBackup – WP Backup, Migrate & Restore plugin for WordPress versions up to, and including, 1.4.0 Description: The issue is related to sensitive information disclosure due to a lack of proper capability checking on the backup guard get manua...

4.3CVSS4.3AI score0.00639EPSS

Exploits0References7

Positive Technologies•added 2023/03/07 12:0 a.m.•4 views

PT-2023-11834 · WordPress · Jetbackup

Name of the Vulnerable Software and Affected Versions: JetBackup – WP Backup, Migrate & Restore plugin for WordPress versions up to, and including 1.4.1 Description: The issue allows authenticated attackers with minimal permissions to change the location of backups, potentially leading to the the...

5.4CVSS5.2AI score0.00483EPSS

Exploits0References7

CNNVD•added 2023/03/07 12:0 a.m.•2 views

WordPress plugin JetBackup – WP Backup, Migrate & Restore 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

5.4CVSS5.8AI score0.00483EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by