Lucene search
K
InpsydeBackwpup

5 matches found

CVE
CVE
added 2024/01/11 8:33 a.m.120 views

CVE-2023-5504

Summary (CVE-2023-5504) The BackWPup WordPress backup plugin is affected by a directory traversal vulnerability in versions up to and including 4.0.1, exploitable via the Log File Folder. The underlying issue allows an authenticated attacker with plugin access to store backups in arbitrary server...

8.7CVSS8.4AI score0.00926EPSS
CVE
CVE
added 2024/02/24 8:38 a.m.104 views

CVE-2023-5775

CVE-2023-5775 : BackWPup for WordPress stores backup destination passwords in plaintext in all versions up to 4.0.2. The root cause is plaintext storage of credentials, enabling an authenticated administrator to retrieve the password from the UI or the options table. Remediation: upgrade to a ver...

2.7CVSS4.9AI score0.00449EPSS
CVE
CVE
added 2024/04/08 5:28 p.m.85 views

CVE-2023-7164

BackWPup WordPress plugin before 4.0.4 exposes a directory listing vulnerability in its temporary backup folder, allowing unauthenticated attackers to download site backups (database files). Root cause: lack of access restrictions on the backup directory. Impact: potential data exposure of backup...

7.5CVSS7.5AI score0.02261EPSS
CVE
CVE
added 2024/08/17 8:37 a.m.64 views

CVE-2023-5505

CVE-2023-5505 refers to BackWPup – WordPress Backup & Restore Plugin. Affected: BackWPup

6.8CVSS6.5AI score0.00981EPSS
CVE
CVE
added 2017/09/27 4:0 p.m.55 views

CVE-2017-2551

The CVE concerns the WordPress BackWPup plugin, versions prior to 3.4.2, which allows brute-force download of backup files. Affected component: BackWPup WordPress plugin; root cause is a vulnerability enabling unauthorized retrieval of backups over the network. Impact: potential exposure of backu...

7.5CVSS7.5AI score0.01671EPSS