The BackUpWordPress plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 3.13 via the hmbkp_directory_browse parameter. This makes it possible for authenticated attackers, with administrator-level access and above, to traverse directories outside of the context in which the plugin should allow.
References
Configurations
No configuration.
History
27 Apr 2024, 05:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-04-27 05:15
Updated : 2024-04-29 12:42
NVD link : CVE-2024-3034
Mitre link : CVE-2024-3034
CVE.ORG link : CVE-2024-3034
JSON object : View
Products Affected
No product.
CWE
No CWE.