Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2022-31474
HistoryMar 13, 2023 - 2:15 p.m.

CVE-2022-31474

2023-03-1314:15:12
CWE-22
[email protected]
web.nvd.nist.gov
812
In Wild
2
cve
2022
31474
directory traversal
ithemes
backupbuddy
plugin
vulnerability
nvd

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.015 Low

EPSS

Percentile

86.7%

JSON

Improper Limitation of a Pathname to a Restricted Directory (β€˜Path Traversal’) vulnerability in iThemes BackupBuddy allows Path Traversal.This issue affects BackupBuddy: from 8.5.8.0 through 8.7.4.1.

VendorProductVersionCPE
ithemesbackupbuddy*cpe:2.3:a:ithemes:backupbuddy:*:*:*:*:*:*:*:*

Social References

More

Related

checkpoint_advisories 1
wordfence 1
thn 1
malwarebytes 1
cvelist 1
prion 1
patchstack 1
wpvulndb 1
hivepro 1
attackerkb 1
wpexploit 1
zdt 1
nuclei 1
checkpoint_advisories
checkpoint_advisories
WordPress BackupBuddy Plugin Arbitrary File Read (CVE-2022-31474)
2022-09-12 00:00:00
wordfence
wordfence
PSA: Nearly 5 Million Attacks Blocked Targeting 0-Day in BackupBuddy Plugin
2022-09-07 14:56:11
thn
thn
Hackers Exploit Zero-Day in WordPress BackupBuddy Plugin in ~5 Million Attempts
2022-09-09 08:19:00
malwarebytes
malwarebytes
BackupBuddy WordPress plugin vulnerable to exploitation, update now!
2022-09-13 12:00:00
cvelist
cvelist
CVE-2022-31474 WordPress BackupBuddy Plugin 8.5.8.0-8.7.4.1 is vulnerable to Directory Traversal
2023-03-13 13:21:10
prion
prion
Directory traversal
2023-03-13 14:15:00
patchstack
patchstack
WordPress Backup Buddy plugin 8.5.8.0 - 8.7.4.1 - Unauthenticated Path Traversal / Arbitrary File Download vulnerability
2022-09-07 00:00:00
wpvulndb
wpvulndb
BackupBuddy < 8.7.5 - Unauthenticated Arbitrary File Access
2022-09-06 00:00:00
hivepro
hivepro
Zero-day Vulnerability in the WordPress BackupBuddy Plugin
2022-09-14 14:32:55
attackerkb
attackerkb
CVE-2022-31474
2023-03-13 00:00:00
wpexploit
wpexploit
BackupBuddy < 8.7.5 - Unauthenticated Arbitrary File Access
2022-09-06 00:00:00
zdt
zdt
WordPress BackupBuddy 8.7.4.1 Arbitrary File Read Vulnerability
2022-09-08 00:00:00
nuclei
nuclei
BackupBuddy - Local File Inclusion
2022-09-11 23:50:52

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.015 Low

EPSS

Percentile

86.7%

JSON
Related for CVE-2022-31474
checkpoint_advisories1wordfence1thn1malwarebytes1cvelist1prion1patchstack1wpvulndb1hivepro1attackerkb1wpexploit1zdt1nuclei1