WordPress Plugin Vulnerabilities

Simple Backup <= 2.7.10 - Arbitrary File Download

Description

The simple-backup WordPress plugin was affected by an Arbitrary File Download security vulnerability.

Affects Plugins

Plugin icon
simple-backup
Fixed in 2.7.11

References

URL
https://packetstormsecurity.com/files/#131919/

Classification

Type
LFI
OWASP top 10
A1: Injection
CWE
CWE-22

Miscellaneous

Submitter
ethicalhack3r
Submitter twitter
ethicalhack3r
Verified
No
WPVDB ID
f3740fd1-9782-4d0a-ad43-503e9782adf9

Timeline

Publicly Published
2015-05-19 (about 10 years ago)
Added
2015-05-21 (about 10 years ago)
Last Updated
2019-10-21 (about 6 years ago)

Other

Published
Title
Published
2022-02-01
Title
Cost Calculator <= 1.8 - Authenticated Local File Inclusion
Published
2025-07-30
Title
HT Mega – Absolute Addons For Elementor < 2.9.2 - Authenticated (Author+) Path Traversal to Limited Arbitrary CSS File Actions
Published
2014-12-16
Title
DB Backup < 5.0 - Path Traversal File Access
Published
2020-03-24
Title
Multiple plugins - Unauthenticated Dompdf Local File Inclusion (LFI)
Published
2015-06-10
Title
History Collection <= 1.1.1 - Arbitraty File Download