Description

WordPress Plugin XCloner-Backup and Restore is prone to a directory traversal vulnerability because it fails to sufficiently verify user-supplied input. Exploiting this issue can allow an attacker to obtain sensitive information (filenames of previous backups) that could aid in further attacks. WordPress Plugin XCloner-Backup and Restore version 3.1.4 is vulnerable; prior versions may also be affected.

Remediation

Update to plugin version 3.1.5 or latest

References

Related Vulnerabilities