Unauthenticated Access to Sensitive Log Data in Backup and Restore WordPress Plugin

CVE-2023-7232

Currently unrated 🤨

Key Information

Vendor: WordPress
Status: Backup And Restore WordPress
Vendor: CVE Published:; 26 March 2024

Summary

The Backup and Restore WordPress WordPress plugin through 1.45 does not protect some log files containing sensitive information such as site configuration etc, allowing unauthenticated users to access such data

Affected Version(s)

Backup and Restore WordPress <= 1.45

Timeline

Vulnerability published.
Mar 26, 2024
Vulnerability Reserved.
Jan 12, 2024

Collectors

NVD DatabaseMitre Database

Credit

Dmitrii Ignatyev

WPScan