Description

Multiple directory traversal vulnerabilities in plugins/wp-db-backup.php in WordPress before 2.0.5 allow remote authenticated users to read or overwrite arbitrary files via directory traversal sequences in the (1) backup and (2) fragment parameters in a GET request.

Remediation

References

CVE-2006-5705

Related Vulnerabilities

WordPress Plugin NextGEN Gallery Sell Photo Cross-Site Scripting (1.0.4)

WordPress Plugin Flexible Captcha Multiple Vulnerabilities (3.3)

MySQL CVE-2016-0503 Vulnerability (CVE-2016-0503)

WordPress Plugin Advanced Ads-Ad Manager & AdSense Unspecified Vulnerability (1.7.1.1)

MySQL CVE-2021-2028 Vulnerability (CVE-2021-2028)

Severity

Medium

Classification

CVE-2006-5705

Tags

Missing Update Known Vulnerabilities