CVE-2023-7232 – Backup and Restore WordPress <= 1.45 - Unauthenticated Sensitive Data Exposure

https://notcve.org/view.php?id=CVE-2023-7232

The Backup and Restore WordPress WordPress plugin through 1.45 does not protect some log files containing sensitive information such as site configuration etc, allowing unauthenticated users to access such data El complemento Backup and Restore WordPress de WordPress hasta la versión 1.45 no protege algunos archivos de registro que contienen información confidencial, como la configuración del sitio, etc., lo que permite a usuarios no autenticados acceder a dichos datos. The Backup and Restore WordPress – Backup Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.45 via log files. This makes it possible for unauthenticated attackers to extract potentially sensitive information via log files. • https://wpscan.com/vulnerability/323fef8a-aa17-4698-9a02-c12d1d390763 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •