Vulnerability Details CVE-2024-0842
The Backuply – Backup, Restore, Migrate and Clone plugin for WordPress is vulnerable to Denial of Service in all versions up to, and including, 1.2.5. This is due to direct access of the backuply/restore_ins.php file and. This makes it possible for unauthenticated attackers to make excessive requests that result in the server running out of resources.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 47.6%
CVSS Severity
CVSS v3 Score 7.5
References
- https://plugins.trac.wordpress.org/changeset/3033242/backuply/trunk/restore_ins.php
- https://www.wordfence.com/threat-intel/vulnerabilities/id/1f955d88-ab4c-4cf4-a23b-91119d412716?source=cve
- https://plugins.trac.wordpress.org/changeset/3033242/backuply/trunk/restore_ins.php
- https://www.wordfence.com/threat-intel/vulnerabilities/id/1f955d88-ab4c-4cf4-a23b-91119d412716?source=cve
Products affected by CVE-2024-0842
-
cpe:2.3:a:softaculous:backuply:-
-
cpe:2.3:a:softaculous:backuply:1.0.0
-
cpe:2.3:a:softaculous:backuply:1.0.1
-
cpe:2.3:a:softaculous:backuply:1.0.2
-
cpe:2.3:a:softaculous:backuply:1.0.3
-
cpe:2.3:a:softaculous:backuply:1.0.4
-
cpe:2.3:a:softaculous:backuply:1.0.5
-
cpe:2.3:a:softaculous:backuply:1.0.6
-
cpe:2.3:a:softaculous:backuply:1.0.7
-
cpe:2.3:a:softaculous:backuply:1.0.8
-
cpe:2.3:a:softaculous:backuply:1.0.9
-
cpe:2.3:a:softaculous:backuply:1.1.0
-
cpe:2.3:a:softaculous:backuply:1.1.1
-
cpe:2.3:a:softaculous:backuply:1.1.2
-
cpe:2.3:a:softaculous:backuply:1.1.3
-
cpe:2.3:a:softaculous:backuply:1.1.4
-
cpe:2.3:a:softaculous:backuply:1.1.5
-
cpe:2.3:a:softaculous:backuply:1.1.6
-
cpe:2.3:a:softaculous:backuply:1.1.7
-
cpe:2.3:a:softaculous:backuply:1.1.8
-
cpe:2.3:a:softaculous:backuply:1.1.9
-
cpe:2.3:a:softaculous:backuply:1.2.0
-
cpe:2.3:a:softaculous:backuply:1.2.1
-
cpe:2.3:a:softaculous:backuply:1.2.2
-
cpe:2.3:a:softaculous:backuply:1.2.3
-
cpe:2.3:a:softaculous:backuply:1.2.4
-
cpe:2.3:a:softaculous:backuply:1.2.5