Description
The Backup Migration plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.3.9 via the 'content-backups' and 'content-name', 'content-manifest', or 'content-bmitmp' and 'content-identy' HTTP headers. This makes it possible for unauthenticated attackers to delete arbitrary files, including the wp-config.php file, which can make site takeover and remote code execution possible.