CVE-2024-0842

Backuply - Backup, Restore, Migrate and Clone <= 1.2.6 - Denial of Service

highUncontrolled Resource Consumption

7.5

CVSS Score

7.5

CVSS Score

high

Severity

1.2.7

Patched in

173d

Time to patch

Description

The Backuply – Backup, Restore, Migrate and Clone plugin for WordPress is vulnerable to Denial of Service in all versions up to, and including, 1.2.6. This is due to direct access of the backuply/restore_ins.php file and. This makes it possible for unauthenticated attackers to make excessive requests that result in the server running out of resources.

CVSS Vector Breakdown

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

None

Confidentiality

None

Integrity

High

Availability

Technical Details

Affected versions<=1.2.6

PublishedFebruary 8, 2024

Last updatedJuly 29, 2024

Affected pluginbackuply

References

https://www.wordfence.com/threat-intel/vulnerabilities/id/1f955d88-ab4c-4cf4-a23b-91119d412716?source=api-prod

Check if your site is affected.

Run a free security audit to detect vulnerable plugins, outdated versions, and misconfigurations.

Run free audit Browse CVE database