Multiple directory traversal vulnerabilities in the BackWPup plugin prior to 1.4.1 for WordPress allow remote malicious users to read arbitrary files via a .. (dot dot) in the wpabs parameter to (1) app/options-view_log-iframe.php or (2) app/options-runnow-iframe.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
backwpup backwpup |