ThreatPress

WordPress Vulnerabilities Database

Back

WordPress BackupBuddy Plugin <= 2.2.4 - Sensitive Data Exposure #1

Product
BackupBuddy
Description
This vulnerability is in the importbuddy.php. It allows the attackers to bypass authentication via a crafted integer in the "step" parameter.
Solution
Update the plugin.
Classification
Type BYPASS
OWASP Top 10 A6: Sensitive Data Exposure
References
CVE Mitre
CVE
Name CVE-2013-2743
Versions
Affected In <= 2.2.4
Fixed In 2.2.5
Disclosure date
2013-04-01
Credits
Rob Armstrong