CVE-2014-10076 – Database Backup for WordPress <= 2.2.4 - Missing Authorization

https://notcve.org/view.php?id=CVE-2014-10076

The wp-db-backup plugin 2.2.4 for WordPress relies on a five-character string for access control, which makes it easier for remote attackers to read backup archives via a brute-force attack. El plugin wp-db-backup 2.2.4 para WordPress se basa en una cadena de cinco caracteres para el control de acceso, lo que facilita a los atacantes remotos la lectura de archivos de copia de seguridad mediante un ataque por fuerza bruta. The wp-db-backup plugin up to 2.2.4 for WordPress relies on a five-character string for access control, which makes it easier for remote attackers to read backup archives via a brute-force attack. • http://www.vapidlabs.com/advisory.php?v=81 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-862: Missing Authorization •