Description
WordPress Plugin Simple Backup is prone to a vulnerability that lets attackers download arbitrary files because the application fails to sufficiently verify user-supplied input. This may allow an attacker to gain access to sensitive information, which may aid in launching further attacks. WordPress Plugin Simple Backup version 2.7.10 is vulnerable; other versions may also be affected.
Remediation
Update to plugin version 2.7.11 or latest
References
Related Vulnerabilities
WordPress 5.2.x Multiple Vulnerabilities (5.2 - 5.2.15)
WordPress Plugin Advanced Custom Fields (ACF) Cross-Site Scripting (5.7.7)
WordPress Plugin WP Fastest Cache Directory Traversal (0.8.9.5)
WordPress Plugin Filter Custom Fields & Taxonomies Light Unspecified Vulnerability (1.04)
Jboss EAP Improper Input Validation Vulnerability (CVE-2011-4314)