2 matches found
CVE-2023-5505
creationtimestamp| type| source ---|---|--- 2025-03-02 11:46:30+00:00| seen| Telegram/HdWBcbf42HB3qEqRtJicBMt2y1NQPi1sWKKykT8CZ1Q372Vk...
CVE-2023-5505 BackWPup <= 4.0.1 - Authenticated (Administrator+) Directory Traversal
The BackWPup plugin for WordPress is vulnerable to Directory Traversal in versions up to, and including, 4.0.1 via the job-specific backup folder. This allows authenticated attackers to store backups in arbitrary folders on the server provided they can be written to by the server. Additionally,...