cve/2024/CVE-2024-0842.md

### [CVE-2024-0842](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0842)
![](https://img.shields.io/static/v1?label=Product&message=Backuply%20%E2%80%93%20Backup%2C%20Restore%2C%20Migrate%20and%20Clone&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%201.2.5%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-400%20Uncontrolled%20Resource%20Consumption%20('Resource%20Exhaustion')&color=brighgreen)

### Description

The Backuply – Backup, Restore, Migrate and Clone plugin for WordPress is vulnerable to Denial of Service in all versions up to, and including, 1.2.5. This is due to direct access of the backuply/restore_ins.php file and. This makes it possible for unauthenticated attackers to make excessive requests that result in the server running out of resources.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/fkie-cad/nvd-json-data-feeds