Description
The Backup Migration plugin for WordPress is vulnerable to unauthorized access to data due to insufficient path and file validation in the BMI_BACKUP case of the handle_downloading function in all versions up to, and including, 1.3.6. This makes it possible for unauthenticated attackers to download backup files, which can contain sensitive information such as user passwords, PII, database credentials, and much more.
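The defect class described above is a download handler that trusts a client-supplied file name and serves the file without an authorization check. Below is an added example of the hardened pattern, not the plugin's own code; it assumes a fixed backup directory, a .zip archive extension, and the hypothetical helper names bmi_safe_backup_path() and bmi_handle_download_request().

```php
<?php
// Added example, not the Backup Migration plugin's code: a download handler
// that validates a requested backup file name against a fixed directory.
// bmi_safe_backup_path(), bmi_handle_download_request() and the .zip
// extension are assumptions made for this illustration.

// Return the canonical path of a backup file inside $backup_dir, or null
// when the request must be refused.
function bmi_safe_backup_path(string $backup_dir, string $requested): ?string
{
    // Accept only a bare file name: no separators, NUL bytes or dot entries.
    if ($requested === '' || $requested === '.' || $requested === '..'
        || strpbrk($requested, "/\\\0") !== false) {
        return null;
    }
    // Restrict to the archive extension backups are written with (assumed .zip).
    if (!preg_match('/\.zip$/i', $requested)) {
        return null;
    }
    $base = realpath($backup_dir);
    if ($base === false) {
        return null;
    }
    // realpath() resolves symlinks and fails on missing files, so the prefix
    // check below also rejects a symlink that points outside $base.
    $full = realpath($base . DIRECTORY_SEPARATOR . $requested);
    if ($full === false || !is_file($full)
        || strncmp($full, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }
    return $full;
}

// Request handler: authorize first, then validate the path, then serve.
function bmi_handle_download_request(string $backup_dir): void
{
    if (!current_user_can('manage_options')
        || !check_ajax_referer('bmi_download', 'nonce', false)) {
        wp_die('Forbidden', 403);
    }
    $path = bmi_safe_backup_path($backup_dir, (string) ($_GET['file'] ?? ''));
    if ($path === null) {
        wp_die('Not found', 404);
    }
    header('Content-Type: application/zip');
    header('Content-Disposition: attachment; filename="' . basename($path) . '"');
    readfile($path);
    exit;
}
```

The capability and nonce checks run before any file-system access, so an unauthenticated request is refused regardless of what file name it carries.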
Remediation
References