CVE-2024-10028 – The Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin plugin …

6 November 2024

Vuln ID: CVE-2024-10028

Published: 2024-11-06 00:15:13.000

Description: The Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.2.13 via the exposed process stats file during the backup process. This makes it possible for unauthenticated attackers to obtain an archive file name and download the site’s backup.

Base Score: 7.5 – HIGH

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Source: NVD.NIST.GOV

Date:

6 November 2024

Categorie(s):

NVD

Tag(s):

NVD

Smashing Security podcast #392: Pasta spies and private eyes, and are you applying for a ghost job?7 November 2024
Rapid7’s revenue and earnings top forecasts amid product enhancements7 November 2024
Google Cloud mandates MFA by end of 20256 November 2024
AI-Assisted Attacks Top Cyber Threat For Third Consecutive Quarter, Gartner Finds6 November 2024
Increasing Awareness of DNS Hijacking: A Growing Cyber Threat6 November 2024