Lucene search
+L

4 matches found

Nuclei
Nuclei
added 17 hours ago17 views

WordPress Backup Migration <= 1.3.6 - Path Traversal

WordPress Backup Migration plugin versions up to 1.3.6 contain a path traversal and file validation issue in handledownloading function, letting unauthenticated attackers download backup files containing sensitive information. id: CVE-2023-6266 info: name: WordPress Backup Migration = 1.3.6 - Pat...

7.5CVSS7.6AI score0.02072EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/23 2:7 a.m.11 views

CVE-2023-6266

The Backup Migration plugin for WordPress is vulnerable to unauthorized access of data due to insufficient path and file validation on the BMIBACKUP case of the handledownloading function in all versions up to, and including, 1.3.6. This makes it possible for unauthenticated attackers to download...

7.5CVSS6.4AI score0.02072EPSS
Exploits0References1
CVE
CVE
added 2024/01/11 8:32 a.m.107 views

CVE-2023-6266

CVE-2023-6266 - WordPress Backup Migration plugin : Concrete details show a path traversal/file validation flaw in the BMI_BACKUP path within the handle_downloading function, affecting all versions up to 1.3.6. Unauthenticated attackers can download backup files containing sensitive data (e.g., p...

7.5CVSS7.2AI score0.02072EPSS
In wildExploits0References4Affected Software1
Patchstack
Patchstack
added 2023/12/01 12:0 a.m.21 views

WordPress Backup Migration Plugin <= 1.3.6 is vulnerable to Sensitive Data Exposure

Software Backup Migration Type Plugin Vulnerable versions = 1.3.6 Fixed in 1.3.7 OWASP Top 10 A5: Security Misconfiguration Classification Sensitive Data Exposure CVE CVE-2023-6266 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID 7df0ea44f3d7 Credits Rafshanzani Suhada...

7.5CVSS6.5AI score0.02072EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder