Lucene search
+L
IthemesBackupbuddy

6 matches found

CVE
CVE
added 2023/03/13 1:21 p.m.998 views

CVE-2022-31474

BackupBuddy WordPress plugin versions 8.5.8.0–8.7.4.1 are affected by a local file inclusion / arbitrary file read vulnerability. The root cause is a path traversal issue exposed via the download and local-destination-id parameters, enabling access to sensitive server files. Impact stated in sour...

7.5CVSS7.5AI score0.63761EPSS
In wildWeb
CVE
CVE
added 2023/02/21 8:50 a.m.95 views

CVE-2022-4897

The CVE-2022-4897 entry concerns the WordPress BackupBuddy plugin, version

6.1CVSS6.2AI score0.00858EPSS
Web
CVE
CVE
added 2013/04/02 10:0 a.m.52 views

CVE-2013-2741

The CVE-2013-2741 issue affects the WordPress BackupBuddy plugin (importbuddy.php) in versions including 1.3.4, 2.1.4, 2.2.25, 2.2.28 and 2.2.4. The vulnerability arises because importbuddy.php does not require authentication, enabling remote attackers to obtain sensitive information or to overwr...

7.5CVSS6.9AI score0.02563EPSS
CVE
CVE
added 2013/04/02 10:0 a.m.52 views

CVE-2013-2742

CVE-2013-2742 affects the WordPress BackupBuddy plugin via importbuddy.php. Affected versions: 1.3.4, 2.1.4, 2.2.25, 2.2.28, and 2.2.4. The root cause is that importbuddy.php does not reliably delete itself after completing a restore, enabling remote attackers to gain access through subsequent re...

7.5CVSS6.7AI score0.0243EPSS
CVE
CVE
added 2013/04/02 10:0 a.m.48 views

CVE-2013-2743

CVE-2013-2743 affects the WordPress BackupBuddy plugin (importbuddy.php) and allows remote attackers to bypass authentication by sending a crafted integer in the step parameter, impacting versions 1.3.4, 2.1.4, 2.2.25, 2.2.28, and 2.2.4. Root cause is an authentication bypass in importbuddy.php r...

7.5CVSS7.1AI score0.02563EPSS
CVE
CVE
added 2013/04/02 10:0 a.m.42 views

CVE-2013-2744

CVE-2013-2744 affects WordPress BackupBuddy plugin, version 2.2.25, via importbuddy.php. The vulnerability allows remote attackers to disclose configuration information by triggering a step 0 phpinfo action that calls phpinfo. Impact is information disclosure of configuration data; no exploit det...

5CVSS6.5AI score0.02136EPSS