CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-0842 – Backuply - Backup, Restore, Migrate and Clone <= 1.2.6 - Denial of Service
https://notcve.org/view.php?id=CVE-2024-0842
08 Feb 2024 — The Backuply – Backup, Restore, Migrate and Clone plugin for WordPress is vulnerable to Denial of Service in all versions up to, and including, 1.2.5. This is due to direct access of the backuply/restore_ins.php file and. This makes it possible for unauthenticated attackers to make excessive requests that result in the server running out of resources. El complemento Backuply – Backup, Restore, Migrate and Clone para WordPress es vulnerable a la denegación de servicio en todas las versiones hasta la 1.2.5 in... • https://plugins.trac.wordpress.org/changeset/3033242/backuply/trunk/restore_ins.php • CWE-400: Uncontrolled Resource Consumption CWE-834: Excessive Iteration •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-0697 – Backuply – Backup, Restore, Migrate and Clone <= 1.2.3 - Authenticated (Administrator+) Directory Traversal
https://notcve.org/view.php?id=CVE-2024-0697
26 Jan 2024 — The Backuply – Backup, Restore, Migrate and Clone plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.2.3 via the node_id parameter in the backuply_get_jstree function. This makes it possible for attackers with administrator privileges or higher to read the contents of arbitrary files on the server, which can contain sensitive information. El complemento Backuply – Backup, Restore, Migrate and Clone para WordPress es vulnerable a Directory Traversal en todas las... • https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3026806%40backuply&new=3026806%40backuply&sfp_email=&sfph_mail= • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •