Metrics
Affected Vendors & Products
No reference.
Fri, 17 Jan 2025 17:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-352 | |
References |
|
|
Metrics |
cvssV3_1
|
Fri, 17 Jan 2025 17:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Title | Backup and Restore Wordpress <= 1.50 - Cross-Site Request Forgery to Backup Trigger | |
Metrics |
ssvc
|
Fri, 17 Jan 2025 17:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | The Backup and Restore WordPress – Backup Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.50. This is due to missing or incorrect nonce validation on the ajax_queue_manual_backup() function. This makes it possible for unauthenticated attackers to trigger backups via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2024-43269. Reason: This candidate is a reservation duplicate of CVE-2024-43269. Notes: All CVE users should reference CVE-2024-43269 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. |
Tue, 07 Jan 2025 17:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Tue, 07 Jan 2025 04:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | The Backup and Restore WordPress – Backup Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.50. This is due to missing or incorrect nonce validation on the ajax_queue_manual_backup() function. This makes it possible for unauthenticated attackers to trigger backups via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | |
Title | Backup and Restore Wordpress <= 1.50 - Cross-Site Request Forgery to Backup Trigger | |
Weaknesses | CWE-352 | |
References |
| |
Metrics |
cvssV3_1
|

Status: REJECTED
Assigner: Wordfence
Published: 2025-01-07T04:22:21.646Z
Updated: 2025-01-17T16:51:27.104Z
Reserved: 2024-12-04T17:45:38.437Z
Link: CVE-2024-12208

Updated:

Status : Rejected
Published: 2025-01-07T05:15:16.270
Modified: 2025-01-17T17:15:10.740
Link: CVE-2024-12208

No data.