importbuddy.php in the BackupBuddy plugin 1.3.4, 2.1.4, 2.2.25, 2.2.28, and 2.2.4 for WordPress allows remote malicious users to bypass authentication via a crafted integer in the step parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ithemes backupbuddy 2.2.4 |
||
ithemes backupbuddy 1.3.4 |
||
ithemes backupbuddy 2.1.4 |
||
ithemes backupbuddy 2.2.25 |
||
ithemes backupbuddy 2.2.28 |