cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-2294,https://securityvulnerability.io/vulnerability/CVE-2024-2294,Arbitrary File Access Vulnerability in Backuply Plugin for WordPress,"The Backuply – Backup, Restore, Migrate and Clone plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.2.7 via the backup_name parameter in the backuply_download_backup function. This makes it possible for attackers to have an account with only activate_plugins capability to access arbitrary files on the server, which can contain sensitive information. This only impacts sites hosted on Windows servers.",Wordpress,"Backuply – Backup, Restore, Migrate And Clone",4.9,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2024-03-16T01:55:44.198Z,0
CVE-2024-0842,https://securityvulnerability.io/vulnerability/CVE-2024-0842,Backuply Plugin Vulnerable to Denial of Service Attacks,"The Backuply plugin for WordPress, designed for backup and migration tasks, exhibits a vulnerability that allows unauthenticated attackers to exploit the backuply/restore_ins.php file. This vulnerability enables attackers to send excessive requests to the server, potentially leading to resource depletion and service disruption. All versions up to and including 1.2.5 are affected, underscoring the need for immediate action to secure user environments and mitigate potential risks associated with this vulnerability.",Wordpress,"Backuply – Backup, Restore, Migrate And Clone",7.5,HIGH,0.0007099999929778278,false,,false,false,false,,,false,false,,2024-02-09T04:31:54.615Z,0
CVE-2024-0697,https://securityvulnerability.io/vulnerability/CVE-2024-0697,Directory Traversal Vulnerability in Backuply Plugin for WordPress,"The Backuply plugin for WordPress is exposed to a Directory Traversal vulnerability due to a flaw in the backuply_get_jstree function, specifically via the node_id parameter. This allows users with administrator privileges to access and read sensitive files on the server, which could lead to unauthorized disclosure of personal or confidential data. This issue affects all versions up to and including 1.2.3, prompting the need for immediate attention and patching.",Wordpress,"Backuply – Backup, Restore, Migrate and Clone",4.9,MEDIUM,0.0007300000288523734,false,,false,false,false,,,false,false,,2024-01-27T04:31:29.644Z,0