7.5
CVE-2023-7165
- EPSS 1.92%
- Veröffentlicht 27.02.2024 09:15:37
- Zuletzt bearbeitet 01.05.2025 14:56:41
- Quelle contact@wpscan.com
- CVE-Watchlists
- Unerledigt
JetBackup < 2.0.9.9 - Directory Listing Exposing Backups
JetBackup <= 2.0.9.7 - Sensitive Information Exposure via Directory Listing
The JetBackup WordPress plugin before 2.0.9.9 doesn't use index files to prevent public directory listing of sensitive directories in certain configurations, which allows malicious actors to leak backup files.
Mögliche Gegenmaßnahme
JetBackup – Backup, Restore & Migrate: Update to version 2.0.9.9, or a newer patched version
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
LoginWeitere Schwachstelleninformationen
SystemWordPress Plugin
≫
Produkt
JetBackup – Backup, Restore & Migrate
Version
*-2.0.9.7
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.92% | 0.772 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
https://wpscan.com/vulnerability/ad1ef4c5-60c1-4729-81dd-f626aa0ce3fe/
https://www.wordfence.com/threat-intel/vulnerabilities/id/fd978ac0-42f2-4746-9430-37458375b588