CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-16870

The UpdraftPlus plugin through 1.13.12 for WordPress has SSRF in the updraft_ajax_handler function in /wp-content/plugins/updraftplus/admin.php via an httpget subaction. NOTE: the vendor reports that this does not cross a privilege boundary

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 58.8%

CVSS Severity

CVSS v3 Score 8.1

CVSS v2 Score 6.8

References

Products affected by CVE-2017-16870

Updraftplus » Updraftplus » Version: 0.1

cpe:2.3:a:updraftplus:updraftplus:0.1
Updraftplus » Updraftplus » Version: 0.1.3

cpe:2.3:a:updraftplus:updraftplus:0.1.3
Updraftplus » Updraftplus » Version: 0.7.4

cpe:2.3:a:updraftplus:updraftplus:0.7.4
Updraftplus » Updraftplus » Version: 0.7.7

cpe:2.3:a:updraftplus:updraftplus:0.7.7
Updraftplus » Updraftplus » Version: 0.8.28

cpe:2.3:a:updraftplus:updraftplus:0.8.28
Updraftplus » Updraftplus » Version: 0.8.29

cpe:2.3:a:updraftplus:updraftplus:0.8.29
Updraftplus » Updraftplus » Version: 0.8.31

cpe:2.3:a:updraftplus:updraftplus:0.8.31
Updraftplus » Updraftplus » Version: 0.8.32

cpe:2.3:a:updraftplus:updraftplus:0.8.32
Updraftplus » Updraftplus » Version: 0.8.33

cpe:2.3:a:updraftplus:updraftplus:0.8.33
Updraftplus » Updraftplus » Version: 0.8.36

cpe:2.3:a:updraftplus:updraftplus:0.8.36
Updraftplus » Updraftplus » Version: 0.8.37

cpe:2.3:a:updraftplus:updraftplus:0.8.37
Updraftplus » Updraftplus » Version: 0.8.50

cpe:2.3:a:updraftplus:updraftplus:0.8.50
Updraftplus » Updraftplus » Version: 0.8.51

cpe:2.3:a:updraftplus:updraftplus:0.8.51
Updraftplus » Updraftplus » Version: 0.9.10

cpe:2.3:a:updraftplus:updraftplus:0.9.10
Updraftplus » Updraftplus » Version: 0.9.2

cpe:2.3:a:updraftplus:updraftplus:0.9.2
Updraftplus » Updraftplus » Version: 0.9.20

cpe:2.3:a:updraftplus:updraftplus:0.9.20
Updraftplus » Updraftplus » Version: 1.0.15

cpe:2.3:a:updraftplus:updraftplus:1.0.15
Updraftplus » Updraftplus » Version: 1.0.16

cpe:2.3:a:updraftplus:updraftplus:1.0.16
Updraftplus » Updraftplus » Version: 1.0.4

cpe:2.3:a:updraftplus:updraftplus:1.0.4
Updraftplus » Updraftplus » Version: 1.0.5

cpe:2.3:a:updraftplus:updraftplus:1.0.5
Updraftplus » Updraftplus » Version: 1.1.11

cpe:2.3:a:updraftplus:updraftplus:1.1.11
Updraftplus » Updraftplus » Version: 1.1.16

cpe:2.3:a:updraftplus:updraftplus:1.1.16
Updraftplus » Updraftplus » Version: 1.1.9

cpe:2.3:a:updraftplus:updraftplus:1.1.9
Updraftplus » Updraftplus » Version: 1.10.1

cpe:2.3:a:updraftplus:updraftplus:1.10.1
Updraftplus » Updraftplus » Version: 1.10.3

cpe:2.3:a:updraftplus:updraftplus:1.10.3
Updraftplus » Updraftplus » Version: 1.11.1

cpe:2.3:a:updraftplus:updraftplus:1.11.1
Updraftplus » Updraftplus » Version: 1.11.12

cpe:2.3:a:updraftplus:updraftplus:1.11.12
Updraftplus » Updraftplus » Version: 1.11.15

cpe:2.3:a:updraftplus:updraftplus:1.11.15
Updraftplus » Updraftplus » Version: 1.11.17

cpe:2.3:a:updraftplus:updraftplus:1.11.17
Updraftplus » Updraftplus » Version: 1.11.18

cpe:2.3:a:updraftplus:updraftplus:1.11.18
Updraftplus » Updraftplus » Version: 1.11.2

cpe:2.3:a:updraftplus:updraftplus:1.11.2
Updraftplus » Updraftplus » Version: 1.11.20

cpe:2.3:a:updraftplus:updraftplus:1.11.20
Updraftplus » Updraftplus » Version: 1.11.21

cpe:2.3:a:updraftplus:updraftplus:1.11.21
Updraftplus » Updraftplus » Version: 1.11.23

cpe:2.3:a:updraftplus:updraftplus:1.11.23
Updraftplus » Updraftplus » Version: 1.11.24

cpe:2.3:a:updraftplus:updraftplus:1.11.24
Updraftplus » Updraftplus » Version: 1.11.26

cpe:2.3:a:updraftplus:updraftplus:1.11.26
Updraftplus » Updraftplus » Version: 1.11.27

cpe:2.3:a:updraftplus:updraftplus:1.11.27
Updraftplus » Updraftplus » Version: 1.11.29

cpe:2.3:a:updraftplus:updraftplus:1.11.29
Updraftplus » Updraftplus » Version: 1.11.3

cpe:2.3:a:updraftplus:updraftplus:1.11.3
Updraftplus » Updraftplus » Version: 1.11.4

cpe:2.3:a:updraftplus:updraftplus:1.11.4
Updraftplus » Updraftplus » Version: 1.11.6

cpe:2.3:a:updraftplus:updraftplus:1.11.6
Updraftplus » Updraftplus » Version: 1.11.9

cpe:2.3:a:updraftplus:updraftplus:1.11.9
Updraftplus » Updraftplus » Version: 1.12.0

cpe:2.3:a:updraftplus:updraftplus:1.12.0
Updraftplus » Updraftplus » Version: 1.12.1

cpe:2.3:a:updraftplus:updraftplus:1.12.1
Updraftplus » Updraftplus » Version: 1.12.11

cpe:2.3:a:updraftplus:updraftplus:1.12.11
Updraftplus » Updraftplus » Version: 1.12.12

cpe:2.3:a:updraftplus:updraftplus:1.12.12
Updraftplus » Updraftplus » Version: 1.12.13

cpe:2.3:a:updraftplus:updraftplus:1.12.13
Updraftplus » Updraftplus » Version: 1.12.15

cpe:2.3:a:updraftplus:updraftplus:1.12.15
Updraftplus » Updraftplus » Version: 1.12.16

cpe:2.3:a:updraftplus:updraftplus:1.12.16
Updraftplus » Updraftplus » Version: 1.12.17

cpe:2.3:a:updraftplus:updraftplus:1.12.17
Updraftplus » Updraftplus » Version: 1.12.18

cpe:2.3:a:updraftplus:updraftplus:1.12.18
Updraftplus » Updraftplus » Version: 1.12.2

cpe:2.3:a:updraftplus:updraftplus:1.12.2
Updraftplus » Updraftplus » Version: 1.12.20

cpe:2.3:a:updraftplus:updraftplus:1.12.20
Updraftplus » Updraftplus » Version: 1.12.21

cpe:2.3:a:updraftplus:updraftplus:1.12.21
Updraftplus » Updraftplus » Version: 1.12.23

cpe:2.3:a:updraftplus:updraftplus:1.12.23
Updraftplus » Updraftplus » Version: 1.12.24

cpe:2.3:a:updraftplus:updraftplus:1.12.24
Updraftplus » Updraftplus » Version: 1.12.25

cpe:2.3:a:updraftplus:updraftplus:1.12.25
Updraftplus » Updraftplus » Version: 1.12.26

cpe:2.3:a:updraftplus:updraftplus:1.12.26
Updraftplus » Updraftplus » Version: 1.12.27

cpe:2.3:a:updraftplus:updraftplus:1.12.27
Updraftplus » Updraftplus » Version: 1.12.28

cpe:2.3:a:updraftplus:updraftplus:1.12.28
Updraftplus » Updraftplus » Version: 1.12.29

cpe:2.3:a:updraftplus:updraftplus:1.12.29
Updraftplus » Updraftplus » Version: 1.12.30

cpe:2.3:a:updraftplus:updraftplus:1.12.30
Updraftplus » Updraftplus » Version: 1.12.32

cpe:2.3:a:updraftplus:updraftplus:1.12.32
Updraftplus » Updraftplus » Version: 1.12.34

cpe:2.3:a:updraftplus:updraftplus:1.12.34
Updraftplus » Updraftplus » Version: 1.12.35

cpe:2.3:a:updraftplus:updraftplus:1.12.35
Updraftplus » Updraftplus » Version: 1.12.37

cpe:2.3:a:updraftplus:updraftplus:1.12.37
Updraftplus » Updraftplus » Version: 1.12.38

cpe:2.3:a:updraftplus:updraftplus:1.12.38
Updraftplus » Updraftplus » Version: 1.12.4

cpe:2.3:a:updraftplus:updraftplus:1.12.4
Updraftplus » Updraftplus » Version: 1.12.40

cpe:2.3:a:updraftplus:updraftplus:1.12.40
Updraftplus » Updraftplus » Version: 1.12.5

cpe:2.3:a:updraftplus:updraftplus:1.12.5
Updraftplus » Updraftplus » Version: 1.12.6

cpe:2.3:a:updraftplus:updraftplus:1.12.6
Updraftplus » Updraftplus » Version: 1.12.8

cpe:2.3:a:updraftplus:updraftplus:1.12.8
Updraftplus » Updraftplus » Version: 1.12.9

cpe:2.3:a:updraftplus:updraftplus:1.12.9
Updraftplus » Updraftplus » Version: 1.13.1

cpe:2.3:a:updraftplus:updraftplus:1.13.1
Updraftplus » Updraftplus » Version: 1.13.11

cpe:2.3:a:updraftplus:updraftplus:1.13.11
Updraftplus » Updraftplus » Version: 1.13.12

cpe:2.3:a:updraftplus:updraftplus:1.13.12
Updraftplus » Updraftplus » Version: 1.13.2

cpe:2.3:a:updraftplus:updraftplus:1.13.2
Updraftplus » Updraftplus » Version: 1.13.3

cpe:2.3:a:updraftplus:updraftplus:1.13.3
Updraftplus » Updraftplus » Version: 1.13.4

cpe:2.3:a:updraftplus:updraftplus:1.13.4
Updraftplus » Updraftplus » Version: 1.13.5

cpe:2.3:a:updraftplus:updraftplus:1.13.5
Updraftplus » Updraftplus » Version: 1.13.6

cpe:2.3:a:updraftplus:updraftplus:1.13.6
Updraftplus » Updraftplus » Version: 1.13.7

cpe:2.3:a:updraftplus:updraftplus:1.13.7
Updraftplus » Updraftplus » Version: 1.13.8

cpe:2.3:a:updraftplus:updraftplus:1.13.8
Updraftplus » Updraftplus » Version: 1.13.9

cpe:2.3:a:updraftplus:updraftplus:1.13.9
Updraftplus » Updraftplus » Version: 1.2.14

cpe:2.3:a:updraftplus:updraftplus:1.2.14
Updraftplus » Updraftplus » Version: 1.2.18

cpe:2.3:a:updraftplus:updraftplus:1.2.18
Updraftplus » Updraftplus » Version: 1.2.20

cpe:2.3:a:updraftplus:updraftplus:1.2.20
Updraftplus » Updraftplus » Version: 1.2.31

cpe:2.3:a:updraftplus:updraftplus:1.2.31
Updraftplus » Updraftplus » Version: 1.2.46

cpe:2.3:a:updraftplus:updraftplus:1.2.46
Updraftplus » Updraftplus » Version: 1.3.12

cpe:2.3:a:updraftplus:updraftplus:1.3.12
Updraftplus » Updraftplus » Version: 1.3.15

cpe:2.3:a:updraftplus:updraftplus:1.3.15
Updraftplus » Updraftplus » Version: 1.3.18

cpe:2.3:a:updraftplus:updraftplus:1.3.18
Updraftplus » Updraftplus » Version: 1.3.19

cpe:2.3:a:updraftplus:updraftplus:1.3.19
Updraftplus » Updraftplus » Version: 1.3.2

cpe:2.3:a:updraftplus:updraftplus:1.3.2
Updraftplus » Updraftplus » Version: 1.3.20

cpe:2.3:a:updraftplus:updraftplus:1.3.20
Updraftplus » Updraftplus » Version: 1.3.22

cpe:2.3:a:updraftplus:updraftplus:1.3.22
Updraftplus » Updraftplus » Version: 1.3.8

cpe:2.3:a:updraftplus:updraftplus:1.3.8
Updraftplus » Updraftplus » Version: 1.4.0

cpe:2.3:a:updraftplus:updraftplus:1.4.0
Updraftplus » Updraftplus » Version: 1.4.11

cpe:2.3:a:updraftplus:updraftplus:1.4.11
Updraftplus » Updraftplus » Version: 1.4.13

cpe:2.3:a:updraftplus:updraftplus:1.4.13
Updraftplus » Updraftplus » Version: 1.4.14

cpe:2.3:a:updraftplus:updraftplus:1.4.14
Updraftplus » Updraftplus » Version: 1.4.2

cpe:2.3:a:updraftplus:updraftplus:1.4.2
Updraftplus » Updraftplus » Version: 1.4.29

cpe:2.3:a:updraftplus:updraftplus:1.4.29
Updraftplus » Updraftplus » Version: 1.4.30

cpe:2.3:a:updraftplus:updraftplus:1.4.30
Updraftplus » Updraftplus » Version: 1.4.48

cpe:2.3:a:updraftplus:updraftplus:1.4.48
Updraftplus » Updraftplus » Version: 1.4.6

cpe:2.3:a:updraftplus:updraftplus:1.4.6
Updraftplus » Updraftplus » Version: 1.4.7

cpe:2.3:a:updraftplus:updraftplus:1.4.7
Updraftplus » Updraftplus » Version: 1.4.9

cpe:2.3:a:updraftplus:updraftplus:1.4.9
Updraftplus » Updraftplus » Version: 1.5.21

cpe:2.3:a:updraftplus:updraftplus:1.5.21
Updraftplus » Updraftplus » Version: 1.5.22

cpe:2.3:a:updraftplus:updraftplus:1.5.22
Updraftplus » Updraftplus » Version: 1.5.5

cpe:2.3:a:updraftplus:updraftplus:1.5.5
Updraftplus » Updraftplus » Version: 1.6.1

cpe:2.3:a:updraftplus:updraftplus:1.6.1
Updraftplus » Updraftplus » Version: 1.6.17

cpe:2.3:a:updraftplus:updraftplus:1.6.17
Updraftplus » Updraftplus » Version: 1.6.2

cpe:2.3:a:updraftplus:updraftplus:1.6.2
Updraftplus » Updraftplus » Version: 1.6.46

cpe:2.3:a:updraftplus:updraftplus:1.6.46
Updraftplus » Updraftplus » Version: 1.7.0

cpe:2.3:a:updraftplus:updraftplus:1.7.0
Updraftplus » Updraftplus » Version: 1.7.1

cpe:2.3:a:updraftplus:updraftplus:1.7.1
Updraftplus » Updraftplus » Version: 1.7.18

cpe:2.3:a:updraftplus:updraftplus:1.7.18
Updraftplus » Updraftplus » Version: 1.7.20

cpe:2.3:a:updraftplus:updraftplus:1.7.20
Updraftplus » Updraftplus » Version: 1.7.3

cpe:2.3:a:updraftplus:updraftplus:1.7.3
Updraftplus » Updraftplus » Version: 1.7.34

cpe:2.3:a:updraftplus:updraftplus:1.7.34
Updraftplus » Updraftplus » Version: 1.7.35

cpe:2.3:a:updraftplus:updraftplus:1.7.35
Updraftplus » Updraftplus » Version: 1.7.39

cpe:2.3:a:updraftplus:updraftplus:1.7.39
Updraftplus » Updraftplus » Version: 1.7.41

cpe:2.3:a:updraftplus:updraftplus:1.7.41
Updraftplus » Updraftplus » Version: 1.8.1

cpe:2.3:a:updraftplus:updraftplus:1.8.1
Updraftplus » Updraftplus » Version: 1.8.11

cpe:2.3:a:updraftplus:updraftplus:1.8.11
Updraftplus » Updraftplus » Version: 1.8.12

cpe:2.3:a:updraftplus:updraftplus:1.8.12
Updraftplus » Updraftplus » Version: 1.8.13

cpe:2.3:a:updraftplus:updraftplus:1.8.13
Updraftplus » Updraftplus » Version: 1.8.2

cpe:2.3:a:updraftplus:updraftplus:1.8.2
Updraftplus » Updraftplus » Version: 1.8.5

cpe:2.3:a:updraftplus:updraftplus:1.8.5
Updraftplus » Updraftplus » Version: 1.8.8

cpe:2.3:a:updraftplus:updraftplus:1.8.8
Updraftplus » Updraftplus » Version: 1.9.0

cpe:2.3:a:updraftplus:updraftplus:1.9.0
Updraftplus » Updraftplus » Version: 1.9.13

cpe:2.3:a:updraftplus:updraftplus:1.9.13
Updraftplus » Updraftplus » Version: 1.9.15

cpe:2.3:a:updraftplus:updraftplus:1.9.15
Updraftplus » Updraftplus » Version: 1.9.17

cpe:2.3:a:updraftplus:updraftplus:1.9.17
Updraftplus » Updraftplus » Version: 1.9.19

cpe:2.3:a:updraftplus:updraftplus:1.9.19
Updraftplus » Updraftplus » Version: 1.9.25

cpe:2.3:a:updraftplus:updraftplus:1.9.25
Updraftplus » Updraftplus » Version: 1.9.26

cpe:2.3:a:updraftplus:updraftplus:1.9.26
Updraftplus » Updraftplus » Version: 1.9.30

cpe:2.3:a:updraftplus:updraftplus:1.9.30
Updraftplus » Updraftplus » Version: 1.9.31

cpe:2.3:a:updraftplus:updraftplus:1.9.31
Updraftplus » Updraftplus » Version: 1.9.4

cpe:2.3:a:updraftplus:updraftplus:1.9.4
Updraftplus » Updraftplus » Version: 1.9.40

cpe:2.3:a:updraftplus:updraftplus:1.9.40
Updraftplus » Updraftplus » Version: 1.9.42

cpe:2.3:a:updraftplus:updraftplus:1.9.42
Updraftplus » Updraftplus » Version: 1.9.43

cpe:2.3:a:updraftplus:updraftplus:1.9.43
Updraftplus » Updraftplus » Version: 1.9.44

cpe:2.3:a:updraftplus:updraftplus:1.9.44
Updraftplus » Updraftplus » Version: 1.9.45

cpe:2.3:a:updraftplus:updraftplus:1.9.45
Updraftplus » Updraftplus » Version: 1.9.46

cpe:2.3:a:updraftplus:updraftplus:1.9.46
Updraftplus » Updraftplus » Version: 1.9.5

cpe:2.3:a:updraftplus:updraftplus:1.9.5
Updraftplus » Updraftplus » Version: 1.9.50

cpe:2.3:a:updraftplus:updraftplus:1.9.50
Updraftplus » Updraftplus » Version: 1.9.51

cpe:2.3:a:updraftplus:updraftplus:1.9.51
Updraftplus » Updraftplus » Version: 1.9.52

cpe:2.3:a:updraftplus:updraftplus:1.9.52
Updraftplus » Updraftplus » Version: 1.9.60

cpe:2.3:a:updraftplus:updraftplus:1.9.60
Updraftplus » Updraftplus » Version: 1.9.62

cpe:2.3:a:updraftplus:updraftplus:1.9.62
Updraftplus » Updraftplus » Version: 1.9.63

cpe:2.3:a:updraftplus:updraftplus:1.9.63
Updraftplus » Updraftplus » Version: 1.9.64

cpe:2.3:a:updraftplus:updraftplus:1.9.64

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-16870

Products

Pricing

Contact Us