Backupwordpress Plugin Security Vulnerabilities and Issues — Backupwordpress Plugin CVE List

Lucene search

Tom WillmotBackupwordpress Plugin

3 matches found

CVE•added 2024/04/27 5:15 a.m.•47 views

CVE-2024-3034

The BackUpWordPress plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 3.13 via the hmbkp_directory_browse parameter. This makes it possible for authenticated attackers, with administrator-level access and above, to traverse directories outside of the co...

2.7CVSS6.4AI score0.00296EPSS

CVE•added 2007/11/03 12:46 a.m.•30 views

CVE-2007-5800

Multiple PHP remote file inclusion vulnerabilities in the BackUpWordPress 0.4.2b and earlier plugin for WordPress allow remote attackers to execute arbitrary PHP code via a URL in the bkpwp_plugin_path parameter to (1) plugins/BackUp/Archive.php; and (2) Predicate.php, (3) Writer.php, (4) Reader.ph...

6.8CVSS7.8AI score0.08154EPSS

CVE•added 2023/03/07 3:15 p.m.•23 views

CVE-2022-4931

The BackupWordPress plugin for WordPress is vulnerable to information disclosure in versions up to, and including 3.12. This is due to missing authorization on the heartbeat_received() function that triggers on WordPress heartbeat. This makes it possible for authenticated attackers, with subscriber...

4.3CVSS4.2AI score0.00108EPSS