CVE-2023-7232

Summary

The Backup and Restore WordPress WordPress plugin through 1.45 does not protect some log files containing sensitive information such as site configuration etc, allowing unauthenticated users to access such data

Affected Software

VendorProductVersion RangeStatus
UnknownBackup and Restore WordPress0 <= 1.45affected

Weaknesses

  • CWE-200 Information Exposure

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: yes
    • Technical Impact: partial

References