Lucene search
K

5 matches found

Snyk
Snyk
added 2026/06/19 7:35 p.m.5 views

UNIX Symbolic Link (Symlink) Following

Overview Affected versions of this package are vulnerable to UNIX Symbolic Link Symlink Following in the CRI checkpoint restore plugin due to improper validation of symlinked paths. An attacker can access arbitrary files on the host by crafting a malicious checkpoint image and leveraging the...

8.2CVSS6AI score0.00245EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/16 12:0 a.m.19 views

PT-2026-41465

Name of the Vulnerable Software and Affected Versions Backup and Restore version 1.0.3 Description Authenticated attackers can delete arbitrary files from the WordPress installation directory. This is achieved by sending POST requests to the 'admin-ajax.php' endpoint with manipulated file name an...

8.8CVSS5.9AI score0.00397EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-28785

Malicious code in bioql PyPI...

4.3CVSS6.4AI score0.00124EPSS
Exploits0References2
CVE
CVE
added 2025/01/07 4:22 a.m.70 views

CVE-2024-12208

CVE-2024-12208 is a reserved candidate; however, connected documents provide concrete details for a related vulnerability: WordPress – Backup and Restore WordPress (WPBackItUp) plugin (versions up to 1.50) suffers a Cross-Site Request Forgery (CSRF) due to missing nonce validation in the ajaxQueu...

4.3AI score
Exploits0
OSV
OSV
added 2024/03/26 5:15 a.m.3 views

CVE-2023-7232

The Backup and Restore WordPress WordPress plugin through 1.45 does not protect some log files containing sensitive information such as site configuration etc, allowing unauthenticated users to access such data...

5.3CVSS5.6AI score0.00565EPSS
Exploits2References1
Rows per page
Query Builder