7.5
CVE-2023-6271
- EPSS 0.69%
- Veröffentlicht 01.01.2024 15:15:43
- Zuletzt bearbeitet 11.06.2025 17:15:38
- Quelle contact@wpscan.com
- CVE-Watchlists
- Unerledigt
LoginBackup Migration Staging < 1.3.6 - Sensitive Data Exposure
Backup Migration <= 1.3.5 - Unauthenticated Sensitive Information Exposure
The Backup Migration WordPress plugin before 1.3.6 stores in-progress backups information in easy to find, publicly-accessible files, which may allow attackers monitoring those to leak sensitive information from the site's backups.
Mögliche Gegenmaßnahme
Backup Migration: Update to version 1.3.6, or a newer patched version
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Backupbliss ≫ Backup Migration SwPlatformwordpress Version < 1.3.6
Weitere Schwachstelleninformationen
SystemWordPress Plugin
≫
Produkt
Backup Migration
Version
*-1.3.5
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.69% | 0.478 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
https://research.cleantalk.org/cve-2023-6271-backup-migration-unauth-sensitive-data-exposure-to-full-control-of-the-site-poc-exploit
https://wpscan.com/vulnerability/7ac217db-f332-404b-a265-6dc86fe747b9
https://www.wordfence.com/threat-intel/vulnerabilities/id/f661f19d-fdd4-4cd3-8fb3-8b6073d94596