The Backup Migration plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.3.9 via the 'content-backups' and 'content-name', 'content-manifest', or 'content-bmitmp' and 'content-identy' HTTP headers. This makes it possible for unauthenticated attackers to delete arbitrary files, including the wp-config.php file, which can make site takeover and remote code execution possible.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: Wordfence
Published: 2023-12-23T01:59:46.751Z
Updated: 2024-08-02T08:50:06.839Z
Reserved: 2023-12-20T01:43:10.286Z
Link: CVE-2023-6972
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-12-23T02:15:45.333
Modified: 2024-11-21T08:44:57.187
Link: CVE-2023-6972
Redhat
No data.