Directory Traversal Vulnerabilities in BackWPup Plugin for WordPress
CVE-2011-5208

Currently unrated

Key Information:

Vendor

Wordpress
Status
BackWPup
Vendor
CVE Published:
8 October 2012

What is CVE-2011-5208?

The BackWPup plugin for WordPress prior to version 1.4.1 contains multiple directory traversal vulnerabilities. These issues allow remote attackers to exploit the wpabs parameter, enabling them to read arbitrary files from the server. This can occur through specially crafted requests to the app/options-view_log-iframe.php or app/options-runnow-iframe.php scripts. The vulnerability poses a significant risk by providing unauthorized access to sensitive files, potentially leading to further attacks or information disclosure.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.osvdb.org/71242
vdb-entryx_refsource_OSVDB
http://wordpress.org/extend/plugins/backwpup/changelog/
x_refsource_CONFIRM
http://archives.neohapsis.com/archives/fulldisclosure/201...
mailing-listx_refsource_FULLDISC

Timeline

  • Vulnerability Reserved

  • Vulnerability published

JSON
.