ThreatPress

WordPress Vulnerabilities Database

Back

WordPress DB Backup Plugin <= 1.7 - Directory Traversal

Product
DB Backup
Description
Because of this vulnerability in wp-db-backup.php, authenticated users with administrative privileges can read arbitrary files.
Solution
Update the WordPress DB Backup plugin to the latest available version (at least 1.8).
Classification
Type Directory Traversal
References
CVE Mitre
CVE
Name CVE-2006-4208
Versions
Affected In <= 1.7
Fixed In 1.8
Disclosure date
2006-08-17
Submitter
ThreatPress