Description
The plugin does not prevent visitors from leaking key information about ongoing backups, allowing unauthenticated attackers to download backups of a site’s database.
PoC
1) Ensure that Apache is configured to list directory contents.
2) When this is done, you can see the backup directory.
3) While the backup is in progress, you can access the backup at: http://your_site/wordpress/wp-content/uploads/backwpup-{hash}-temp/db.sql
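A defender-side check for the two conditions the PoC depends on (directory listing on the uploads directory, and a `backwpup-{hash}-temp` directory holding `db.sql`), written as an added example that is not part of the advisory or the plugin's code. It assumes the Apache configuration is passed as the text of the single context that applies to the uploads directory (nested `<Directory>` blocks are not resolved) and that `DirectoryIndex` uses `index.php` or `index.html`; the function names are hypothetical.

```python
import re
from pathlib import Path

# Directory name shape taken from the PoC path: backwpup-{hash}-temp
TEMP_DIR_RE = re.compile(r"^backwpup-.+-temp$")
# Assumed DirectoryIndex names; if one exists, Apache serves it instead of a listing.
INDEX_FILES = {"index.php", "index.html"}


def indexes_enabled(conf: str, inherited: bool = False) -> bool:
    """Evaluate the Options directives of one config context, in order."""
    enabled = inherited
    for raw in conf.splitlines():
        m = re.match(r"(?i)^\s*Options\s+(.+)$", raw)  # comment lines never match
        if not m:
            continue
        toks = [t.lower() for t in m.group(1).split()]
        if all(t[0] in "+-" for t in toks):   # relative form merges with prior state
            if "+indexes" in toks:
                enabled = True
            if "-indexes" in toks:
                enabled = False
        else:                                 # absolute form replaces prior state
            enabled = "indexes" in toks or "all" in toks
    return enabled


def audit(uploads: Path, conf: str) -> list[str]:
    """Return findings for the uploads directory served under `conf`."""
    findings = []
    names = {p.name for p in uploads.iterdir()}
    listable = indexes_enabled(conf) and not (names & INDEX_FILES)
    if listable:
        findings.append("uploads directory is listable")
    for d in sorted(p for p in uploads.iterdir() if p.is_dir()):
        if TEMP_DIR_RE.match(d.name) and (d / "db.sql").is_file():
            state = "name disclosed by listing" if listable else "name not listed"
            findings.append(f"{d.name}: db.sql present, {state}")
    return findings


if __name__ == "__main__":
    import sys
    # Usage: audit.py /path/to/wp-content/uploads /path/to/apache-config-fragment
    for finding in audit(Path(sys.argv[1]), Path(sys.argv[2]).read_text()):
        print(finding)
```

The temporary directory only exists while a backup runs, so an empty directory scan does not clear the site; the listing finding is the durable one.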