WordPress Backup by Supsystic plugin <= 2.3.12 - Local File Inclusion (LFI) vulnerability
Backup by Supsystic
Local File Inclusion (LFI) vulnerability found by Erik David Martin in WordPress Backup by Supsystic plugin (versions <= 2.3.12).
2021-02-08 - we were unable to find a patched version of this plugin.
Notice from WordPress plugin repository: "This plugin has been closed as of December 1, 2020 and is not available for download. Reason: Security Issue."
Type Local File Inclusion OWASP Top 10 A1: Injection