Description
WordPress Plugin Simple Backup is prone to a vulnerability that lets attackers download arbitrary files because the application fails to sufficiently verify user-supplied input. This may allow an attacker to gain access to sensitive information, which may aid in launching further attacks. WordPress Plugin Simple Backup version 2.7.10 is vulnerable; other versions may also be affected.
Remediation
Update to plugin version 2.7.11 or latest
References
Related Vulnerabilities
Oracle JRE CVE-2011-3563 Vulnerability (CVE-2011-3563)
WordPress Plugin SAML SP Single Sign On-SSO login Unspecified Vulnerability (4.8.70)
WordPress Plugin Justified Gallery Cross-Site Scripting (1.7.0)
Joomla Cross-Site Request Forgery (CSRF) (CVE-2021-26033)
WordPress Plugin HDW WordPress Video Gallery Multiple Cross-Site Scripting Vulnerabilities (1.2)