Sensitive Data Exposure in BackupBuddy Plugin for WordPress
CVE-2013-2742

Currently unrated

Key Information:

Vendor: Wordpress
Status: Backupbuddy
Vendor: CVE Published:; 2 April 2013

Summary

The BackupBuddy plugin for WordPress has a vulnerability in the importbuddy.php script that does not consistently delete itself after completing restoration tasks. This oversight can allow remote attackers to exploit the script through repeated access, potentially leading to unauthorized information retrieval and exposure of sensitive data.

References

http://packetstormsecurity.com/files/120923

x_refsource_MISC

http://archives.neohapsis.com/archives/fulldisclosure/201...

mailing-listx_refsource_FULLDISC

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Apr 2, 2013