2 matches found
WordPress BackUpWordPress Plugin <= 3.13 is vulnerable to Directory Traversal
Software BackUpWordPress Type Plugin Vulnerable versions = 3.13 Fixed in 3.14 OWASP Top 10 A3: Injection Classification Directory Traversal CVE CVE-2024-3034 Patch priority Low CVSS severity Low 2.7 Developer Claim ownership PSID 0f3e35fe3c69 Credits dk0pf - Plumeria Lab Required privilege...
CVE-2024-3034 BackUpWordPress <= 3.13 - Authenticated (Admin+) Directory Traversal
The BackUpWordPress plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 3.13 via the hmbkpdirectorybrowse parameter. This makes it possible for authenticated attackers, with administrator-level access and above, to traverse directories outside of the...