CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-6505 – Prime Mover < 1.9.3 - Directory Listing to Sensitive Data Exposure
https://notcve.org/view.php?id=CVE-2023-6505
The Migrate WordPress Website & Backups WordPress plugin before 1.9.3 does not prevent directory listing in sensitive directories containing export files. El complemento Migrate WordPress Website & Backups de WordPress anterior a 1.9.3 no impide la lista de directorios en directorios confidenciales que contienen archivos de exportación. The Migrate WordPress Website & Backups – Prime Mover plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.9.2 via directory listing in the 'prime-mover-export-files/1/' folder. This makes it possible for unauthenticated attackers to extract sensitive data including site and configuration information, directories, files, and password hashes. • https://wpscan.com/vulnerability/eca6f099-6af0-4f42-aade-ab61dd792629 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •