CVE-2024-10028

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Nov 6, 2024
Updated: Nov 8, 2024
CWE ID 922

Summary

CVE-2024-10028: The Everest Backup plugin for WordPress, versions up to 2.2.13, is found to have a vulnerability. Attackers can exploit this Sensitive Information Exposure issue by gaining access to a process stats file during the backup process. This file exposure allows unauthenticated adversaries to obtain archive file names and subsequently download the site's entire backup, potentially leading to data breaches.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share