WordPress Plugin Vulnerabilities

Backuply - Backup, Restore, Migrate and Clone < 1.2.6 - Unauthenticated Denial of Service

Description

The Backuply – Backup, Restore, Migrate and Clone plugin for WordPress is vulnerable to Denial of Service in all versions up to, and including, 1.2.5. This is due to direct access of the backuply/restore_ins.php file and. This makes it possible for unauthenticated attackers to make excessive requests that result in the server running out of resources.

Affects Plugins

Plugin icon
backuply
Fixed in 1.2.6

References

CVE
CVE-2024-0842
URL
https://www.wordfence.com/threat-intel/vulnerabilities/id/1f955d88-ab4c-4cf4-a23b-91119d412716

Miscellaneous

Original Researcher
villu164
Verified
No
WPVDB ID
90113124-233b-4666-9ef5-a341f78903cd

Timeline

Publicly Published
2024-02-08 (about 2 years ago)
Added
2024-02-09 (about 2 years ago)
Last Updated
2024-02-09 (about 2 years ago)

Other

Published
Title
Published
2016-06-21
Title
WordPress 4.5.2 - oEmbed Denial of Service (DoS)
Published
2014-08-27
Title
WordPress 3.5-3.7.1 - XML-RPC Denial of Service
Published
2018-06-07
Title
Mass Pages/Posts Creator <= 1.2.4 - DoS
Published
2018-02-05
Title
WordPress <= 4.9.4 - Application Denial of Service (DoS) (unpatched)
Published
2019-11-05
Title
Safe SVG <= 1.9.4 - Denial of Service