CVE-2023-3132

Name of the Vulnerable Software and Affected Versions MainWP Child plugin for WordPress versions up to, and including, 4.4.1.1

Description The issue allows unauthenticated attackers to extract sensitive data, including the entire installation's database, due to insufficient controls on the storage of back-up files. This occurs when a backup happens and the deletion of the back-up files fails.

Recommendations For versions up to, and including, 4.4.1.1, update to a version higher than 4.4.1.1 to resolve the issue.