Arbitrary File Access Vulnerability in Backuply Plugin for WordPress
CVE-2024-2294

4.9MEDIUM

Key Information:

Vendor: Wordpress
Status: Backuply – Backup, Restore, Migrate And Clone
Vendor: CVE Published:; 16 March 2024

What is CVE-2024-2294?

The Backuply – Backup, Restore, Migrate and Clone plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.2.7 via the backup_name parameter in the backuply_download_backup function. This makes it possible for attackers to have an account with only activate_plugins capability to access arbitrary files on the server, which can contain sensitive information. This only impacts sites hosted on Windows servers.

Affected Version(s)

Backuply – Backup, Restore, Migrate and Clone * <= 1.2.7

References

https://www.wordfence.com/threat-intel/vulnerabilities/id...

https://plugins.trac.wordpress.org/browser/backuply/trunk...

CVSS V3.1

Score:

4.9

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 16, 2024
Vulnerability Reserved
Mar 7, 2024

Credit

Dau Hoang Tai

Wordpress

What is CVE-2024-2294?

Affected Version(s)

References

CVSS V3.1

Timeline

Credit