265 matches found
CVE-2023-7204
The WP STAGING WordPress Backup plugin before 3.2.0 allows access to cache files during the cloning process which provides...
Design/Logic Flaw
The WP STAGING WordPress Backup plugin before 3.2.0 allows access to cache files during the cloning process which provides...
CVE-2023-7204 WP STAGING WordPress Backup Plugin < 3.2.0 - Unauthorized Sensitive Data Exposure
The WP STAGING WordPress Backup plugin before 3.2.0 allows access to cache files during the cloning process which provides...
PT-2024-15229 · WordPress · Wp Staging
Name of the Vulnerable Software and Affected Versions: WP STAGING WordPress Backup plugin versions prior to 3.2.0 Description: The issue allows access to cache files during the cloning process. This provides unauthorized access to sensitive information. Recommendations: For versions prior to 3.2....
CVE-2023-6113
The WP STAGING WordPress Backup Plugin before 3.1.3 and WP STAGING Pro WordPress Backup Plugin before 5.1.3 do not prevent visitors from leaking key information about ongoing backups processes, allowing unauthenticated attackers to download said backups later...
CVE-2023-6113 WP Staging (Free < 3.1.3, Pro < 5.1.3) - Unauthenticated Backup Download
The WP STAGING WordPress Backup Plugin before 3.1.3 and WP STAGING Pro WordPress Backup Plugin before 5.1.3 do not prevent visitors from leaking key information about ongoing backups processes, allowing unauthenticated attackers to download said backups later...
CVE-2023-6113
CVE-2023-6113 affects WP STAGING WordPress Backup Plugin <3.1.3 and WP STAGING Pro
PT-2024-14883 · WordPress · Wp Staging Pro Wordpress Backup Plugin
Name of the Vulnerable Software and Affected Versions: WP STAGING WordPress Backup Plugin versions prior to 3.1.3 WP STAGING Pro WordPress Backup Plugin versions prior to 5.1.3 Description: The issue allows unauthenticated attackers to obtain key information about ongoing backup processes, which...
CVE-2023-52185
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Everestthemes Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin.This issue affects Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin: from n/a through 2.1.9...
CVE-2023-52185
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Everestthemes Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin.This issue affects Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin: from n/a through 2.1.9...
CVE-2023-52185 WordPress Everest Backup Plugin <= 2.1.9 is vulnerable to Sensitive Data Exposure
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Everestthemes Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin.This issue affects Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin: from n/a through 2.1.9...
PT-2023-23889 · Prashant Walke · Wp All Backup
Name of the Vulnerable Software and Affected Versions: Prashant Walke WP All Backup plugin versions = 2.4.3 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This means an attacker could potentially trick a user into performing unintended actions on a web...
Bludit Arbitrary File Download
-- coding: utf-8 -- /usr/bin/env python Exploit Title: Bludit 3.13.1 Backup Plugin - Arbitrary File Download Authenticated Date: 2022-07-21 Exploit Author: Antonio Cuomo arkantolo Vendor Homepage: https://www.bludit.com Software Link: https://github.com/bludit/bludit Version: 3.13.1 Tested on:...
Bludit < 3.13.1 Backup Plugin - Arbitrary File Download (Authenticated) Exploit
-- coding: utf-8 -- /usr/bin/env python Exploit Title: Bludit 3.13.1 Backup Plugin - Arbitrary File Download Authenticated Date: 2022-07-21 Exploit Author: Antonio Cuomo arkantolo Vendor Homepage: https://www.bludit.com Software Link: https://github.com/bludit/bludit Version: 3.13.1 Tested on:...
Bludit < 3.13.1 Backup Plugin - Arbitrary File Download (Authenticated)
-- coding: utf-8 -- /usr/bin/env python Exploit Title: Bludit 3.13.1 Backup Plugin - Arbitrary File Download Authenticated Date: 2022-07-21 Exploit Author: Antonio Cuomo arkantolo Vendor Homepage: https://www.bludit.com Software Link: https://github.com/bludit/bludit Version: 3.13.1 Tested on:...
CVE-2023-32960
Cross-Site Request Forgery CSRF vulnerability in UpdraftPlus.Com, DavidAnderson UpdraftPlus WordPress Backup Plugin = 1.23.3 versions leads to sitewide Cross-Site Scripting XSS...
CVE-2023-32960
Cross-Site Request Forgery CSRF vulnerability in UpdraftPlus.Com, DavidAnderson UpdraftPlus WordPress Backup Plugin = 1.23.3 versions leads to sitewide Cross-Site Scripting XSS...
CVE-2023-32960
CVE-2023-32960 affects the WordPress UpdraftPlus Backup Plugin prior to or up to version 1.23.3. The vulnerability is a CSRF that enables sitewide XSS when exploited by a logged-in user or via crafted requests, as described in multiple sources. The OpenVAS advisory notes a fix path at 1.23.4, whi...
WordPress WP All Backup Plugin <= 2.4.3 is vulnerable to Cross Site Request Forgery (CSRF)
Software WP All Backup Type Plugin Vulnerable versions = 2.4.3 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-32583 Patch priority Low CVSS severity Low 6.3 Developer Claim ownership PSID 2d09c30b2474 Credits Mika Required privilege...
Jenkins Enterprise and Operations Center 2.346.x < 2.346.40.0.14 Multiple Vulnerabilities (CloudBees Security Advisory 2023-04-05)
The version of Jenkins Enterprise or Jenkins Operations Center running on the remote web server is 2.346.x prior to 2.346.40.0.14. It is, therefore, affected by multiple vulnerabilities including the following: - CloudBees Backup plugin uses SHA-1 hashes for the approvers map BEE-29578 - CloudBee...