1 results (0.003 seconds)

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

The WP Backup+ (aka WPbackupplus) plugin through 2018-11-22 for WordPress allows remote attackers to obtain sensitive information from server folders and files, as demonstrated by download.sql. El plugin para WordPess WP Backup+ (conocido como WPbackupplus) hasta 22-11-2018 permite a los atacantes remotos obtener información sensible de los archivos y carpetas del servidor, como lo demuestra download.sql. • http://lists.opensuse.org/opensuse-security-announce/2019-01/msg00006.html https://www.easyhack.in/2018/11/21/wordpress-plugin-database-backup-information-disclosure-vulnerability • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •