cbcvebase.

Azzaroco Wp Superbackup vulnerabilities

5 known vulnerabilities affecting azzaroco/wp_superbackup.

Total CVEs
5
CISA KEV
0
Public exploits
1
Exploited in wild
1
Severity breakdown
CRITICAL1HIGH4

Vulnerabilities

Page 1 of 1
CVE-2024-56064P1CRITICALCVSS 10.0ExploitedPoC≤ 2.3.32024-12-31
CVE-2024-56064 [CRITICAL] CWE-434 CVE-2024-56064: Unrestricted Upload of File with Dangerous Type vulnerability in azzaroco WP SuperBackup indeed-wp-s Unrestricted Upload of File with Dangerous Type vulnerability in azzaroco WP SuperBackup indeed-wp-superbackup allows Upload a Web Shell to a Web Server.This issue affects WP SuperBackup: from n/a through <= 2.3.3.
nvd
CVE-2024-56067P3HIGHCVSS 7.5≤ 2.3.32024-12-31
CVE-2024-56067 [HIGH] CWE-862 CVE-2024-56067: Missing Authorization vulnerability in azzaroco WP SuperBackup indeed-wp-superbackup allows Exploiti Missing Authorization vulnerability in azzaroco WP SuperBackup indeed-wp-superbackup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP SuperBackup: from n/a through <= 2.3.3.
nvd
CVE-2024-56068P3HIGHCVSS 7.5≤ 2.3.32024-12-31
CVE-2024-56068 [HIGH] CWE-502 CVE-2024-56068: Deserialization of Untrusted Data vulnerability in azzaroco WP SuperBackup indeed-wp-superbackup.Thi Deserialization of Untrusted Data vulnerability in azzaroco WP SuperBackup indeed-wp-superbackup.This issue affects WP SuperBackup: from n/a through <= 2.3.3.
nvd
CVE-2024-56070P3HIGHCVSS 7.4≤ 2.3.32024-12-31
CVE-2024-56070 [HIGH] CWE-862 CVE-2024-56070: Missing Authorization vulnerability in azzaroco WP SuperBackup indeed-wp-superbackup allows Exploiti Missing Authorization vulnerability in azzaroco WP SuperBackup indeed-wp-superbackup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP SuperBackup: from n/a through <= 2.3.3.
nvd
CVE-2024-56069P4HIGHCVSS 7.1≤ 2.3.32025-01-02
CVE-2024-56069 [HIGH] CWE-79 CVE-2024-56069: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in azzaroco WP SuperBackup indeed-wp-superbackup allows Reflected XSS.This issue affects WP SuperBackup: from n/a through <= 2.3.3.
nvd
Azzaroco Wp Superbackup vulnerabilities | cvebase