cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2020-36669,https://securityvulnerability.io/vulnerability/CVE-2020-36669,Cross-Site Request Forgery in JetBackup Plugin for WordPress,"The JetBackup – WP Backup, Migrate & Restore plugin for WordPress contains a Cross-Site Request Forgery (CSRF) vulnerability in versions up to 1.3.9. This vulnerability arises from inadequate nonce validation on the backup_guard_get_import_backup() function. It allows unauthenticated attackers to potentially upload arbitrary files to the server of the targeted site if they can trick an administrator into executing a malicious request, such as clicking on a compromised link.",Wordpress,"Jetbackup – WP Backup, Migrate & Restore",8.8,HIGH,0.0019499999471008778,false,,false,false,false,,false,false,2023-03-07T13:33:59.555Z,0
CVE-2020-36668,https://securityvulnerability.io/vulnerability/CVE-2020-36668,Sensitive Information Disclosure in JetBackup Plugin for WordPress,"The JetBackup – WP Backup, Migrate & Restore plugin for WordPress is susceptible to sensitive information disclosure due to inadequate capability checks within the backup_guard_get_manual_modal AJAX action. This vulnerability allows attackers with subscriber-level access or higher to invoke the function, resulting in unauthorized access to sensitive database table information.",Wordpress,"Jetbackup – WP Backup, Migrate & Restore",4.3,MEDIUM,0.0005000000237487257,false,,false,false,false,,false,false,2023-03-07T13:28:09.328Z,0
CVE-2020-36667,https://securityvulnerability.io/vulnerability/CVE-2020-36667,Unauthorized Backup Location Changes in JetBackup Plugin for WordPress,"The JetBackup – WP Backup, Migrate & Restore plugin for WordPress contains a vulnerability that enables authenticated attackers to alter backup locations. This security issue arises from inadequate capability checks in the plugin’s backup_guard_cloud_dropbox, backup_guard_cloud_gdrive, and backup_guard_cloud_oneDrive functions. As a result, attackers with minimal permissions—such as a subscriber—can reroute backups to unauthorized locations, leading to potential data exposure or theft of sensitive information.",Wordpress,"Jetbackup – WP Backup, Migrate & Restore",5.4,MEDIUM,0.0005000000237487257,false,,false,false,false,,false,false,2023-03-07T13:23:17.947Z,0