NVD

Id
38679  
Name
CVE-2013-2742  
Description
importbuddy.php in the BackupBuddy plugin 1.3.4, 2.1.4, 2.2.25, 2.2.28, and 2.2.4 for WordPress does not reliably delete itself after completing a restore operation, which makes it easier for remote attackers to obtain access via subsequent requests to this script.  
Reject
 
CVSS Version
2  
CVSS Score
7.5  
Severity
High  
CVSS Base Score
7.5  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-18  
Published
2013-04-02  
Modified Date
2013-04-02  
Seq
2013-2742  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
198237 38679 CVE-2013-2742 20130323 Backupbuddy wordpress plugin - sensitive data exposure in importbuddy.php  View
198238 38679 CVE-2013-2742 http://packetstormsecurity.com/files/120923  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
20541 JVNDB-2013-002116 WordPress 用 BackupBuddy プラグインにおけるアクセス権を取得される脆弱性 WordPress 用 BackupBuddy プラグインの importbuddy.php は、リストア完了後に importbuddy.php を確実に削除しないため、アクセス権を取得される脆弱性が存在します。 CVE-2013-2742 62684 CVE-2013-2742 38679 7.5 http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-002116.html 2013-04-02 2013-04-03 View