CVE-2013-2743 – BackupBuddy < 3.0 - Authentication Bypass

https://notcve.org/view.php?id=CVE-2013-2743

importbuddy.php in the BackupBuddy plugin 1.3.4, 2.1.4, 2.2.25, 2.2.28, and 2.2.4 for WordPress allows remote attackers to bypass authentication via a crafted integer in the step parameter. importbuddy.php en el complemento BackupBuddy v1.3.4, v2.1.4, v2.2.25, v2.2.28, y v2.2.4 para WordPress que permite a atacantes remotos evitar autenticaciones a través del parámetro step manipulando el entero. • http://archives.neohapsis.com/archives/fulldisclosure/2013-03/0205.html http://packetstormsecurity.com/files/120923 • CWE-287: Improper Authentication •