5 matches found
JetBackup <= 2.0.9.7 - Sensitive Information Exposure via Directory Listing
JetBackup WordPress plugin = 2.0.9.9 does not use index files to prevent directory listing in certain configurations, letting malicious actors leak backup files, exploit requires access to the web server. id: CVE-2023-7165 info: name: JetBackup = 2.0.9.7 - Sensitive Information Exposure via...
CVE-2023-7165
creationtimestamp| type| source ---|---|--- 2024-02-27 10:26:10+00:00| seen| https://t.me/ctinow/194184 2024-02-27 10:26:29+00:00| seen| https://t.me/ctinow/194198 2026-04-09 03:37:19+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2023/CVE-2023-7165.yam...
CVE-2023-7165
The JetBackup WordPress plugin before 2.0.9.9 doesn't use index files to prevent public directory listing of sensitive directories in certain configurations, which allows malicious actors to leak backup files...
CVE-2023-7165
CVE-2023-7165 affects JetBackup WordPress plugin prior to 2.0.9.9. The vulnerability stems from not using index files to block public directory listings, enabling leakage of backup files from /wp-content/uploads/jetbackup in certain configurations. Patch to 2.0.9.9+ or apply server-side controls ...
CVE-2023-7165 JetBackup < 2.0.9.9 - Directory Listing Exposing Backups
The JetBackup WordPress plugin before 2.0.9.9 doesn't use index files to prevent public directory listing of sensitive directories in certain configurations, which allows malicious actors to leak backup files...