Lucene search
Dmitrii IgnatyevWPVDB-ID:79B07F37-2C6B-4846-BB28-91A1E5BF112EHistoryMar 18, 2024 - 12:00 a.m.
BackWPup < 4.0.4 - Unauthenticated Backup Download
2024-03-1800:00:00
Dmitrii Ignatyev
wpscan.com
7
backwpup
unauthenticated access
backup download
database access
security vulnerability
Description The plugin does not prevent visitors from leaking key information about ongoing backups, allowing unauthenticated attackers to download backups of a site’s database.
PoC
- Ensure that Apache is configured with the ability to list directory content. 2) When this is done, you can see the backup directory. 3) When the backup is in progress, you can access the backup at: http://your_site/wordpress/wp-content/uploads/backwpup-{hash}-temp/db.sql
| CPE | Name | Operator | Version |
|---|---|---|---|
| eq | 4.0.4 |
References
Related
vulnrichment
vulnrichment
CVE-2023-7164 BackWPup < 4.0.4 - Unauthenticated Backup Download
2024-04-08 17:28:14
nvd
nvd
CVE-2023-7164
2024-04-08 18:15:08
cve
cve
CVE-2023-7164
2024-04-08 18:15:08
cvelist
cvelist
CVE-2023-7164 BackWPup < 4.0.4 - Unauthenticated Backup Download
2024-04-08 17:28:14
wpexploit
wpexploit
BackWPup < 4.0.4 - Unauthenticated Backup Download
2024-03-18 00:00:00
6.2 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.1%
Related for WPVDB-ID:79B07F37-2C6B-4846-BB28-91A1E5BF112E