Backwpup Security Vulnerabilities and Issues — Backwpup CVE List

Lucene search

InpsydeBackwpup

5 matches found

CVE•added 2024/01/11 9:15 a.m.•98 views

CVE-2023-5504

The BackWPup plugin for WordPress is vulnerable to Directory Traversal in versions up to, and including, 4.0.1 via the Log File Folder. This allows authenticated attackers to store backups in arbitrary folders on the server provided they can be written to by the server. Additionally, default settin...

8.7CVSS8.4AI score0.00527EPSS

CVE•added 2024/02/26 4:27 p.m.•92 views

CVE-2023-5775

The BackWPup plugin for WordPress is vulnerable to Plaintext Storage of Backup Destination Password in all versions up to, and including, 4.0.2. This is due to to the plugin improperly storing backup destination passwords in plaintext. This makes it possible for authenticated attackers, with admini...

2.7CVSS4.9AI score0.00234EPSS

CVE•added 2024/04/08 6:15 p.m.•62 views

CVE-2023-7164

The BackWPup WordPress plugin before 4.0.4 does not prevent Directory Listing in its temporary backup folder, allowing unauthenticated attackers to download backups of a site's database.

7.5CVSS7.5AI score0.00412EPSS

CVE•added 2024/08/17 9:15 a.m.•44 views

CVE-2023-5505

The BackWPup plugin for WordPress is vulnerable to Directory Traversal in versions up to, and including, 4.0.1 via the job-specific backup folder. This allows authenticated attackers to store backups in arbitrary folders on the server provided they can be written to by the server. Additionally, def...

6.8CVSS6.5AI score0.00548EPSS

CVE•added 2017/09/28 1:29 a.m.•41 views

CVE-2017-2551

Vulnerability in Wordpress plugin BackWPup before v3.4.2 allows possible brute forcing of backup file for download.

7.5CVSS7.5AI score0.00583EPSS