CVE-2023-7165

Name of the Vulnerable Software and Affected Versions JetBackup WordPress plugin versions prior to 2.0.9.9

Description The issue allows malicious actors to leak backup files due to the plugin not using index files to prevent public directory listing of sensitive directories in certain configurations.

Recommendations For versions prior to 2.0.9.9, update to version 2.0.9.9 or later to resolve the issue. As a temporary workaround, consider configuring the server to prevent public directory listing of sensitive directories until the plugin is updated.