PT-2017-15444 · WordPress · Backwpup

Larry W. Cashdollar

+1

·

Published

2017-09-27

·

Updated

2017-10-10

·

CVE-2017-2551

CVSS v3.1

7.5

High

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions Wordpress plugin BackWPup versions prior to 3.4.2
Description The issue allows for the possible brute forcing of a backup file for download.
Recommendations For versions prior to 3.4.2, update to version 3.4.2 or later to resolve the issue.

Exploit

Fix

Files Accessible to External Parties

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-552

Related Identifiers

CVE-2017-2551

Affected Products

Backwpup