CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-8669 – Backuply – Backup, Restore, Migrate and Clone <= 1.3.4 - Authenticated (Admin+) SQL Injection
https://notcve.org/view.php?id=CVE-2024-8669
The Backuply – Backup, Restore, Migrate and Clone plugin for WordPress is vulnerable to SQL Injection via the 'options' parameter passed to the backuply_wp_clone_sql() function in all versions up to, and including, 1.3.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. • https://plugins.trac.wordpress.org/browser/backuply/trunk/functions.php#L1477 https://plugins.trac.wordpress.org/changeset/3151205 https://www.wordfence.com/threat-intel/vulnerabilities/id/6a061553-c988-4a31-a0a2-7a2608faa33f?source=cve • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-2294 – Backuply – Backup, Restore, Migrate and Clone <= 1.2.7 - Authenticated (Admin+) Directory Traversal
https://notcve.org/view.php?id=CVE-2024-2294
The Backuply – Backup, Restore, Migrate and Clone plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.2.7 via the backup_name parameter in the backuply_download_backup function. This makes it possible for attackers to have an account with only activate_plugins capability to access arbitrary files on the server, which can contain sensitive information. This only impacts sites hosted on Windows servers. El complemento Backuply – Backup, Restore, Migrate and Clone para WordPress es vulnerable a Directory Traversal en todas las versiones hasta la 1.2.7 incluida a través del parámetro backup_name en la función backuply_download_backup. Esto hace posible que los atacantes tengan una cuenta con solo la capacidad enable_plugins para acceder a archivos arbitrarios en el servidor, que pueden contener información confidencial. • https://plugins.trac.wordpress.org/browser/backuply/trunk/functions.php#L1615 https://plugins.trac.wordpress.org/browser/backuply/trunk/main/ajax.php#L78 https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3050547%40backuply&new=3050547%40backuply&sfp_email=&sfph_mail= https://www.wordfence.com/threat-intel/vulnerabilities/id/be3bd1f2-092c-47c4-a4e4-3365e107c57f?source=cve • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-0842 – Backuply - Backup, Restore, Migrate and Clone <= 1.2.6 - Denial of Service
https://notcve.org/view.php?id=CVE-2024-0842
The Backuply – Backup, Restore, Migrate and Clone plugin for WordPress is vulnerable to Denial of Service in all versions up to, and including, 1.2.5. This is due to direct access of the backuply/restore_ins.php file and. This makes it possible for unauthenticated attackers to make excessive requests that result in the server running out of resources. El complemento Backuply – Backup, Restore, Migrate and Clone para WordPress es vulnerable a la denegación de servicio en todas las versiones hasta la 1.2.5 incluida. Esto se debe al acceso directo al archivo backuply/restore_ins.php. • https://plugins.trac.wordpress.org/changeset/3033242/backuply/trunk/restore_ins.php https://www.wordfence.com/threat-intel/vulnerabilities/id/1f955d88-ab4c-4cf4-a23b-91119d412716?source=cve • CWE-400: Uncontrolled Resource Consumption CWE-834: Excessive Iteration •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-0697 – Backuply – Backup, Restore, Migrate and Clone <= 1.2.3 - Authenticated (Administrator+) Directory Traversal
https://notcve.org/view.php?id=CVE-2024-0697
The Backuply – Backup, Restore, Migrate and Clone plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.2.3 via the node_id parameter in the backuply_get_jstree function. This makes it possible for attackers with administrator privileges or higher to read the contents of arbitrary files on the server, which can contain sensitive information. El complemento Backuply – Backup, Restore, Migrate and Clone para WordPress es vulnerable a Directory Traversal en todas las versiones hasta la 1.2.3 inclusive a través del parámetro node_id en la función backuply_get_jstree. Esto hace posible que atacantes con privilegios de administrador o superiores lean el contenido de archivos arbitrarios en el servidor, que pueden contener información confidencial. • https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3026806%40backuply&new=3026806%40backuply&sfp_email=&sfph_mail= https://www.wordfence.com/threat-intel/vulnerabilities/id/70effa22-fbf6-44cb-9d1b-8625969c10ac?source=cve • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •