VYPR

Backwpup

by Inpsyde

Source repositories

CVEs (3)

  • CVE-2023-5504HigJan 11, 2024
    risk 0.57cvss 8.7epss 0.01

    The BackWPup plugin for WordPress is vulnerable to Directory Traversal in versions up to, and including, 4.0.1 via the Log File Folder. This allows authenticated attackers to store backups in arbitrary folders on the server provided they can be written to by the server.…

  • CVE-2017-2551HigSep 28, 2017
    risk 0.49cvss 7.5epss 0.02

    Vulnerability in Wordpress plugin BackWPup before v3.4.2 allows possible brute forcing of backup file for download.

  • CVE-2023-5775LowFeb 26, 2024
    risk 0.07cvss 2.2epss 0.00

    The BackWPup plugin for WordPress is vulnerable to Plaintext Storage of Backup Destination Password in all versions up to, and including, 4.0.2. This is due to to the plugin improperly storing backup destination passwords in plaintext. This makes it possible for authenticated…