Low severity2.7NVD Advisory· Published Apr 27, 2024· Updated Jun 17, 2026
CVE-2024-3034
CVE-2024-3034
Description
The BackUpWordPress plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 3.13 via the hmbkp_directory_browse parameter. This makes it possible for authenticated attackers, with administrator-level access and above, to traverse directories outside of the context in which the plugin should allow.
Affected products
2<=3.13+ 1 more
- (no CPE)range: <=3.13
- (no CPE)range: <=3.13
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.