WordPress Plugin XCloner-Backup and Restore Directory Traversal (3.1.4)

Description
  • WordPress Plugin XCloner-Backup and Restore is prone to a directory traversal vulnerability because it fails to sufficiently verify user-supplied input. Exploiting this issue can allow an attacker to obtain sensitive information (filenames of previous backups) that could aid in further attacks. WordPress Plugin XCloner-Backup and Restore version 3.1.4 is vulnerable; prior versions may also be affected.
Remediation
  • Update to plugin version 3.1.5 or latest
References