Backwpup < 1.7.2 - Remote File Inclusion

Affects Plugin

fixed in version 1.7.2

References

CVE 2011-4342
ExploitDB 17056
PacketStorm 99799
URL https://seclists.org/fulldisclosure/2011/Mar/328
URL https://web.archive.org/web/20191128050912/https://www.senseofsecurity.com.au/sitecontnt/uploads/2015/03/SOS-11-003.pdf
URL https://www.openwall.com/lists/oss-security/2011/11/22/7
URL https://www.openwall.com/lists/oss-security/2011/11/22/10

Classification

Type RFI
OWASP Top 10 A1: Injection
CWE CWE-98

Miscellaneous

Views 672
Verified No
WPVDB ID 9787

Timeline

Publicly Published 2011-03-28 (over 9 years ago)
Added 2019-08-26 (11 months ago)
Last Updated 2019-12-23 (7 months ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin