FastDup – Fastest WordPress Migration & Duplicator < 2.2 – Directory Listing to Account Takeover and Sensitive Data Exposure | CVE 2023-6592 | Plugin Vulnerabilities

Description

The plugin does not prevent directory listing in sensitive directories containing export files.

Proof of Concept

1) Run backup function http://your_site/wordpress/wp-admin/admin.php?page=njt-fastdup#/
2) During backup creation, you can intercept the following paths:
wordpress/wp-content/plugins/fastdup/logs
wordpress/wp-content/njt-fastdup/tmp
3) After backup go to /wordpress/wp-content/njt-fastdup/packages/ and see all backup files inside directory

Affects Plugins

Fixed in 2.2

References

CVE

URL

https://research.cleantalk.org/cve-2023-6592-fastdup-database-users-password-leak-poc-exploit/

Classification

Type

SENSITIVE DATA DISCLOSURE

OWASP top 10

A3: Sensitive Data Exposure

CWE

CVSS

Miscellaneous

Original Researcher

Dmitrii Ignatyev

Submitter

Dmitrii Ignatyev

Submitter website

https://research.cleantalk.org

Verified

Yes

WPVDB ID

a39bb807-b143-4863-88ff-1783e407d7d4

Timeline

Publicly Published

2024-01-15 (about 1 year ago)

Added

2024-01-15 (about 1 year ago)

Last Updated

2024-01-16 (about 1 year ago)

Other

Published

Title

Published

2021-09-09

Title

WordPress 5.4 to 5.8 - Data Exposure via REST API

Published

2025-11-27

Title

Ultimate Member Widgets for Elementor < 2.4 - Unauthenticated Information Exposure

Published

2025-12-05

Title

Portfolio and Projects < 1.5.6 - Authenticated (Contributor+) Information Exposure

Published

2024-02-08

Title

Passster – Password Protect Pages and Content < 4.2.6.3 - Missing Authorization to Sensitive Information Exposure

Published

2024-08-28

Title

The Post Grid < 7.7.12 - Authenticated (Contributor+) Information Disclosure