admin/GobyVuls
1
0
Fork 0
mirror of https://github.com/gobysec/GobyVuls.git synced 2025-05-05 10:16:59 +00:00
Code Issues Packages Projects Releases Wiki Activity
GobyVuls/CVE-2022-31474.md
Goby ca100a8082
Create CVE-2022-31474.md 
add CVE-2022-31474
2023-04-01 12:40:51 +08:00

1.2 KiB
Raw Blame History

WordPress Plugin BackupBuddy Arbitrary File Read Vulnerability (CVE-2022-31474)

Vulnerability WordPress Plugin BackupBuddy Arbitrary File Read Vulnerability (CVE-2022-31474)
Chinese name WordPress BackupBuddy 插件 local-download 参数任意文件读取漏洞CVE-2022-31474
CVSS core 7.5
FOFA Query (click to view the results directly) header="WordPress" || header="api.w.org" || body="/wp-content/themes/"
Number of assets affected 34049801
Description WordPress BackupBuddy plugin is a fast and simple plugin for WordPress backup and restore. WordPress plugin BackupBuddy versions 8.5.8.0 to 8.7.4.1 have an information disclosure vulnerability, which stems from an arbitrary file read and download vulnerability.
Impact Attackers can use this vulnerability to read the leaked source code, database configuration files, etc., resulting in an extremely insecure website.