Medium severity4.9NVD Advisory· Published Mar 16, 2024· Updated Jun 17, 2026
CVE-2024-2294
CVE-2024-2294
Description
The Backuply – Backup, Restore, Migrate and Clone plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.2.7 via the backup_name parameter in the backuply_download_backup function. This makes it possible for attackers to have an account with only activate_plugins capability to access arbitrary files on the server, which can contain sensitive information. This only impacts sites hosted on Windows servers.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<=1.2.7+ 1 more
- (no CPE)range: <=1.2.7
- (no CPE)range: <=1.2.7
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.