Description

The Backup Migration WordPress plugin before 1.3.6 stores in-progress backups information in easy to find, publicly-accessible files, which may allow attackers monitoring those to leak sensitive information from the site's backups.

Remediation

References

CVE-2023-6271

Related Vulnerabilities

WordPress Plugin 360 Product Rotation Arbitrary File Upload (1.2.4)

WordPress Plugin Easy Contact Form Pro Cross-Site Scripting (1.1.1.8)

WordPress Plugin Booking Calendar Contact Form Multiple Vulnerabilities (1.0.2)

WordPress Plugin PAYPAL CURRENCY CONVERTER BASIC FOR WOOCOMMERCE Arbitrary File Disclosure (1.3)

MyBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-9419)

Severity

High

Classification

CVE-2023-6271 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities