Back
WordPress Backup Guard plugin <= 1.5.9 - Authenticated Arbitrary File Upload vulnerability
- Product
- Backup Guard
- Description
- Authenticated Arbitrary File Upload vulnerability found by Nguyen Van Khanh in WordPress Backup Guard plugin (versions <= 1.5.9).
- Solution
- Update the WordPress Backup Guard plugin to the latest available version (at least 1.6.0).
- Classification
-
Type Arbitrary File Upload
OWASP Top 10 A1: Injection
- References
-
Vulnerability details
Plugin changelog
- CVE
- Name CVE-N/A
- Versions
-
Affected In
<= 1.5.9
Fixed In 1.6.0
- Disclosure date
- 2021-02-18
- Credits
- WPScan