One Article Review
| Source |  CVE Liste |
|---|---|
| Identifiant | 8316331 |
| Date de publication | 2023-03-07 14:15:09 (vue: 2023-03-07 16:06:51) |
| Titre | CVE-2020-36667 |
| Texte | The JetBackup – WP Backup, Migrate & Restore plugin for WordPress is vulnerable to unauthorized back-up location changes in versions up to, and including 1.4.1 due to a lack of proper capability checking on the backup_guard_cloud_dropbox, backup_guard_cloud_gdrive, and backup_guard_cloud_oneDrive functions. This makes it possible for authenticated attackers, with minimal permissions, such as a subscriber to change to location of back-ups and potentially steal sensitive information from them. |
| Notes | |
| Envoyé | Oui |
| Condensat | 2020 36667 attackers authenticated back backup capability change changes checking cloud cve dropbox due from functions gdrive guard including information jetbackup lack location makes migrate minimal onedrive permissions plugin possible potentially proper restore sensitive steal subscriber such them unauthorized ups versions vulnerable wordpress รข€“ |
| Tags | |
| Stories | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.