vendor:
BackWPup Plugin for WordPress
by:
5.5
CVSS
MEDIUM
Information Disclosure
200
CWE
Product Name: BackWPup Plugin for WordPress
Affected Version From:
Affected Version To:
Patch Exists: YES
Related CWE:
CPE: a:backwpup:backwpup
Platforms Tested: WordPress
Multiple Information Disclosure Vulnerabilities in BackWPup Plugin for WordPress
The BackWPup plugin for WordPress is prone to multiple information-disclosure vulnerabilities because it fails to properly sanitize user-supplied input. Attackers can exploit these issues to retrieve the contents of an arbitrary file. Information obtained may aid in launching further attacks.
Mitigation:
Update to the latest version of the BackWPup plugin.