CVE-2023-7236
Backup Bolt <= 1.3.0 - Sensitive Data Exposure
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 4.7EPSS 0.5%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
18 Mar 2024Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
The Backup Bolt WordPress plugin through 1.3.0 is vulnerable to Information Exposure via the unprotected access of debug logs. This makes it possible for unauthenticated attackers to retrieve the debug log which may contain information like system errors which could contain sensitive information.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N
Affected products
Unknown · Backup Bolt