CVE-2024-0842
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
The Backuply – Backup, Restore, Migrate and Clone plugin for WordPress is vulnerable to Denial of Service in all versions up to, and including, 1.2.6. This is due to direct access of the backuply/restore_ins.php file and. This makes it possible for unauthenticated attackers to make excessive requests that result in the server running out of resources.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| softaculous | Backuply – Backup, Restore, Migrate and Clone | 0 <= 1.2.6 | affected |
Weaknesses
- CWE-400: CWE-400 Uncontrolled Resource Consumption
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: yes
- Technical Impact: partial
CVE Program Container
Additional References
- https://www.wordfence.com/threat-intel/vulnerabilities/id/1f955d88-ab4c-4cf4-a23b-91119d412716?source=cve
- https://plugins.trac.wordpress.org/changeset/3033242/backuply/trunk/restore_ins.php
References
- https://www.wordfence.com/threat-intel/vulnerabilities/id/1f955d88-ab4c-4cf4-a23b-91119d412716?source=cve
- https://plugins.trac.wordpress.org/changeset/3033242/backuply/trunk/restore_ins.php
- https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3036756%40backuply&new=3036756%40backuply&sfp_email=&sfph_mail=
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.