CVE-2024-10028
CVSS 3.1 Score 7.5 of 10 (high)
Details
Published Nov 6, 2024
Updated: Nov 8, 2024
CWE ID 922
Summary
CVE-2024-10028: The Everest Backup plugin for WordPress, versions up to 2.2.13, is found to have a vulnerability. Attackers can exploit this Sensitive Information Exposure issue by gaining access to a process stats file during the backup process. This file exposure allows unauthenticated adversaries to obtain archive file names and subsequently download the site's entire backup, potentially leading to data breaches.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share