Unrated severityNVD Advisory· Published May 7, 2019· Updated Aug 5, 2024
CVE-2018-19456
CVE-2018-19456
Description
The WP Backup+ (aka WPbackupplus) plugin through 2018-11-22 for WordPress allows remote attackers to obtain sensitive information from server folders and files, as demonstrated by download.sql.
Affected products
5- WordPress/WP Backup+description
- osv-coords4 versionspkg:rpm/suse/libgit2&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3pkg:rpm/suse/libgit2&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP4pkg:rpm/suse/libgit2&distro=SUSE%20Manager%20Server%203.1pkg:rpm/suse/libgit2&distro=SUSE%20Manager%20Server%203.2
< 0.24.1-7.9.1+ 3 more
- (no CPE)range: < 0.24.1-7.9.1
- (no CPE)range: < 0.24.1-7.9.1
- (no CPE)range: < 0.24.1-7.9.1
- (no CPE)range: < 0.24.1-7.9.1
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- lists.opensuse.org/opensuse-security-announce/2019-01/msg00006.htmlmitrevendor-advisoryx_refsource_SUSE
- www.easyhack.in/2018/11/21/wordpress-plugin-database-backup-information-disclosure-vulnerability/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.