3 matches found
CVE-2023-5775
The BackWPup plugin for WordPress is vulnerable to Plaintext Storage of Backup Destination Password in all versions up to, and including, 4.0.2. This is due to to the plugin improperly storing backup destination passwords in plaintext. This makes it possible for authenticated attackers, with...
WordPress BackWPup Plugin <= 4.0.2 is vulnerable to Sensitive Data Exposure
Software BackWPup Type Plugin Vulnerable versions = 4.0.2 Fixed in 4.0.3 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2023-5775 Patch priority Low CVSS severity Low 2.2 Developer Claim ownership PSID f595a8cd94ea Credits Stefan Marjanov Required privileg...
CVE-2023-5775
CVE-2023-5775 : BackWPup for WordPress stores backup destination passwords in plaintext in all versions up to 4.0.2. The root cause is plaintext storage of credentials, enabling an authenticated administrator to retrieve the password from the UI or the options table. Remediation: upgrade to a ver...