The Backuply – Backup, Restore, Migrate and Clone plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.2.3 via the node_id parameter in the backuply_get_jstree function. This makes it possible for attackers with administrator privileges or higher to read the contents of arbitrary files on the server, which can contain sensitive information.
oryginał ENCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:NSoftaculous Backuply
APPSoftaculous≤ 1.2.3
Powiązane podatności
SQL Injection w pluginie WordPress Backuply (do wersji 1.3.4)
The Backuply – Backup, Restore, Migrate and Clone plugin for WordPress is vulnerable to Denial of Service in a...
Softaculous Webuzo — pominięcie uwierzytelnienia przez reset hasła
The WHMCS Reseller Module V2 2.0.2 in Softaculous Virtualizor before 2.9.1.0 does not verify the user correctl...
Softaculous Webuzo contains a command injection in the password reset functionality. A remote, authenticated a...