CVE-2023-6565 InfiniteWP Client <= 1.12.3 - Unauthenticated Sensitive Information Exposure

The InfiniteWP Client plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.12.3 via the multi-call backup option. This makes it possible for unauthenticated attackers to extract sensitive data from a temporary SQL file via repeated GET...

PT-2024-15009 · WordPress · Infinitewp Client

Name of the Vulnerable Software and Affected Versions: InfiniteWP Client plugin for WordPress versions up to, and including, 1.12.3 Description: The issue allows unauthenticated attackers to extract sensitive data from a temporary SQL file via repeated GET requests during the limited time window ...