Filtered by vendor Backupbliss
Subscribe
Search
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-6750 | 1 Backupbliss | 1 Clone | 2024-01-11 | N/A | 7.5 HIGH |
| The Clone WordPress plugin before 2.4.3 uses buffer files to store in-progress backup informations, which is stored at a publicly accessible, statically defined file path. | |||||
| CVE-2023-6271 | 1 Backupbliss | 1 Backup Migration | 2024-01-08 | N/A | 7.5 HIGH |
| The Backup Migration WordPress plugin before 1.3.6 stores in-progress backups information in easy to find, publicly-accessible files, which may allow attackers monitoring those to leak sensitive information from the site's backups. | |||||
| CVE-2023-7002 | 1 Backupbliss | 1 Backup Migration | 2023-12-29 | N/A | 7.2 HIGH |
| The Backup Migration plugin for WordPress is vulnerable to OS Command Injection in all versions up to, and including, 1.3.9 via the 'url' parameter. This vulnerability allows authenticated attackers, with administrator-level permissions and above, to execute arbitrary commands on the host operating system. | |||||