CVE-2006-4208

Name of the Vulnerable Software and Affected Versions Skippy WP-DB-Backup plugin for WordPress versions 1.7 and earlier

Description The issue allows remote authenticated users with administrative privileges to read arbitrary files. This is achieved by exploiting a directory traversal vulnerability in the wp-db-backup.php file, specifically by using a .. (dot dot) in the backup parameter to the edit.php endpoint.

Recommendations For Skippy WP-DB-Backup plugin for WordPress versions 1.7 and earlier, consider disabling the wp-db-backup.php file or restricting access to the edit.php endpoint until a patch is available. Avoid using the backup parameter in the edit.php endpoint to minimize the risk of exploitation.