Lucene search

WpvulndbWPVDB-ID:90113124-233B-4666-9EF5-A341F78903CD

HistoryFeb 09, 2024 - 12:00 a.m.

Backuply - Backup, Restore, Migrate and Clone < 1.2.6 - Unauthenticated Denial of Service

2024-02-0900:00:00

wpscan.com

backuply

wordpress

denial of service

vulnerability

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7 High

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.1%

JSON

Description The Backuply – Backup, Restore, Migrate and Clone plugin for WordPress is vulnerable to Denial of Service in all versions up to, and including, 1.2.5. This is due to direct access of the backuply/restore_ins.php file and. This makes it possible for unauthenticated attackers to make excessive requests that result in the server running out of resources.

CPENameOperatorVersion
eq1.2.6

CPE	Name	Operator	Version
		eq	1.2.6

References

www.wordfence.com/threat-intel/vulnerabilities/id/1f955d88-ab4c-4cf4-a23b-91119d412716

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7 High

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.1%

JSON

Related for WPVDB-ID:90113124-233B-4666-9EF5-A341F78903CD