← back
CVE-2023-7236

Backup Bolt <= 1.3.0 - Sensitive Data Exposure

CVSS 4.7 MEDIUMEPSS 0.5%CWE-79
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 4.7EPSS 0.5%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
18 Mar 2024Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
The Backup Bolt WordPress plugin through 1.3.0 is vulnerable to Information Exposure via the unprotected access of debug logs. This makes it possible for unauthenticated attackers to retrieve the debug log which may contain information like system errors which could contain sensitive information.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N
Affected products
Unknown · Backup Bolt