5 matches found
CVE-2023-5504
Summary (CVE-2023-5504) The BackWPup WordPress backup plugin is affected by a directory traversal vulnerability in versions up to and including 4.0.1, exploitable via the Log File Folder. The underlying issue allows an authenticated attacker with plugin access to store backups in arbitrary server...
CVE-2023-5775
CVE-2023-5775 : BackWPup for WordPress stores backup destination passwords in plaintext in all versions up to 4.0.2. The root cause is plaintext storage of credentials, enabling an authenticated administrator to retrieve the password from the UI or the options table. Remediation: upgrade to a ver...
CVE-2023-7164
BackWPup WordPress plugin before 4.0.4 exposes a directory listing vulnerability in its temporary backup folder, allowing unauthenticated attackers to download site backups (database files). Root cause: lack of access restrictions on the backup directory. Impact: potential data exposure of backup...
CVE-2023-5505
CVE-2023-5505 refers to BackWPup – WordPress Backup & Restore Plugin. Affected: BackWPup
CVE-2017-2551
The CVE concerns the WordPress BackWPup plugin, versions prior to 3.4.2, which allows brute-force download of backup files. Affected component: BackWPup WordPress plugin; root cause is a vulnerability enabling unauthorized retrieval of backups over the network. Impact: potential exposure of backu...