WordPress Plugin Backup Database Backup Information Disclosure (2.0.1)

Description

WordPress Plugin Backup is prone to an information disclosure vulnerability because it fails to sufficiently validate user-supplied data. An attacker can exploit this issue to download database backup files from the affected application. This may allow the attacker to obtain sensitive information; other attacks are also possible. WordPress Plugin Backup version 2.0.1 is vulnerable; prior versions may also be affected.

Remediation

Update to plugin version 2.1 or latest

References
Severity
Classification
Tags
  • Missing Update