Backwpup : Security Vulnerabilities, CVEs, CVSS score >= 3
Multiple directory traversal vulnerabilities in the BackWPup plugin before 1.4.1 for WordPress allow remote attackers to read arbitrary files via a .. (dot dot) in the wpabs parameter to (1) app/options-view_log-iframe.php or (2) app/options-runnow-iframe.php.
Max CVSS
5.0
EPSS Score
0.35%
Published
2012-10-08
Updated
2012-10-09
PHP remote file inclusion vulnerability in wp_xml_export.php in the BackWPup plugin before 1.7.2 for WordPress allows remote attackers to execute arbitrary PHP code via a URL in the wpabs parameter.
Max CVSS
7.5
EPSS Score
15.21%
Published
2012-10-08
Updated
2012-10-09
2 vulnerabilities found