WordPress Plugin Vulnerabilities

EZPZ One Click Backup <= 12.03.10 - Unauthenticated Command Execution

Description

The ezpz-one-click-backup WordPress plugin was affected by an Unauthenticated Command Execution security vulnerability.

Affects Plugins

Plugin icon
ezpz-one-click-backup
No known fix

References

CVE
CVE-2014-3114
URL
https://www.openwall.com/lists/oss-security/2014/05/01/11

Classification

Type
RCE
OWASP top 10
A1: Injection
CWE
CWE-94
CVSS
9.8 (critical)

Miscellaneous

Verified
No
WPVDB ID
63134197-7454-42f7-a298-75cd45cb5147

Timeline

Publicly Published
2014-08-01 (about 11 years ago)
Added
2014-08-01 (about 11 years ago)
Last Updated
2020-09-22 (about 5 years ago)

Other

Published
Title
Published
2021-02-23
Title
YITH WooCommerce Gift Cards Premium < 3.3.1 - RCE via Arbitrary File Upload
Published
2014-08-01
Title
WP-Syntax < 0.9.10 - Remote Comm& Execution
Published
2024-10-24
Title
Secure Custom Fields < 6.3.6.3 - Admin+ Remote Code Execution
Published
2020-03-25
Title
Product Lister for Walmart <= 1.0.0 - Unauthenticated RCE via Outdated PHPUnit
Published
2024-11-11
Title
Podlove Podcast Publisher < 4.1.17 - Authenticated (Admin+) Remote Code Execution