6 matches found
CVE-2022-31474
BackupBuddy WordPress plugin versions 8.5.8.0–8.7.4.1 are affected by a local file inclusion / arbitrary file read vulnerability. The root cause is a path traversal issue exposed via the download and local-destination-id parameters, enabling access to sensitive server files. Impact stated in sour...
CVE-2022-4897
The CVE-2022-4897 entry concerns the WordPress BackupBuddy plugin, version
CVE-2013-2741
The CVE-2013-2741 issue affects the WordPress BackupBuddy plugin (importbuddy.php) in versions including 1.3.4, 2.1.4, 2.2.25, 2.2.28 and 2.2.4. The vulnerability arises because importbuddy.php does not require authentication, enabling remote attackers to obtain sensitive information or to overwr...
CVE-2013-2742
CVE-2013-2742 affects the WordPress BackupBuddy plugin via importbuddy.php. Affected versions: 1.3.4, 2.1.4, 2.2.25, 2.2.28, and 2.2.4. The root cause is that importbuddy.php does not reliably delete itself after completing a restore, enabling remote attackers to gain access through subsequent re...
CVE-2013-2743
CVE-2013-2743 affects the WordPress BackupBuddy plugin (importbuddy.php) and allows remote attackers to bypass authentication by sending a crafted integer in the step parameter, impacting versions 1.3.4, 2.1.4, 2.2.25, 2.2.28, and 2.2.4. Root cause is an authentication bypass in importbuddy.php r...
CVE-2013-2744
CVE-2013-2744 affects WordPress BackupBuddy plugin, version 2.2.25, via importbuddy.php. The vulnerability allows remote attackers to disclose configuration information by triggering a step 0 phpinfo action that calls phpinfo. Impact is information disclosure of configuration data; no exploit det...