Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

backwpup backwpup vulnerabilities and exploits

(subscribe to this query)
5
CVSSv2
CVE-2011-5208
Multiple directory traversal vulnerabilities in the BackWPup plugin prior to 1.4.1 for WordPress allow remote malicious users to read arbitrary files via a .. (dot dot) in the wpabs parameter to (1) app/options-view_log-iframe.php or (2) app/options-runnow-iframe.php.
Backwpup Backwpup
7.5
CVSSv2
CVE-2011-4342
PHP remote file inclusion vulnerability in wp_xml_export.php in the BackWPup plugin prior to 1.7.2 for WordPress allows remote malicious users to execute arbitrary PHP code via a URL in the wpabs parameter.
Backwpup Backwpup
5
CVSSv2
CVE-2017-2551
Vulnerability in Wordpress plugin BackWPup before v3.4.2 allows possible brute forcing of backup file for download.
Inpsyde Backwpup
NA
CVE-2023-5504
The BackWPup plugin for WordPress is vulnerable to Directory Traversal in versions up to, and including, 4.0.1 via the Log File Folder. This allows authenticated malicious users to store backups in arbitrary folders on the server provided they can be written to by the server. Add...
Inpsyde Backwpup
4.3
CVSSv2
CVE-2013-4626
Cross-site scripting (XSS) vulnerability in the BackWPup plugin prior to 3.0.13 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the tab parameter to wp-admin/admin.php.
Marketpress Backwpup Plugin 3.0.7Marketpress Backwpup Plugin 3.0.6Marketpress Backwpup Plugin 3.0.5Marketpress Backwpup Plugin 3.0.4Marketpress Backwpup Plugin 3.0Marketpress Backwpup PluginMarketpress Backwpup Plugin 3.0.10Marketpress Backwpup Plugin 3.0.8Marketpress Backwpup Plugin 3.0.3Marketpress Backwpup Plugin 3.0.1Marketpress Backwpup Plugin 3.0.11Marketpress Backwpup Plugin 3.0.9Marketpress Backwpup Plugin 3.0.2
NA
CVE-2023-7164
The BackWPup WordPress plugin prior to 4.0.4 does not prevent visitors from leaking key information about ongoing backups, allowing unauthenticated malicious users to download backups of a site's database.
NA
CVE-2023-5775
The BackWPup plugin for WordPress is vulnerable to Plaintext Storage of Backup Destination Password in all versions up to, and including, 4.0.2. This is due to to the plugin improperly storing backup destination passwords in plaintext. This makes it possible for authenticated att...
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypassCVE-2024-30051remoteCVE-2024-27954CVE-2023-51483CVE-2023-47782SSRFCVE-2024-24715CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook