Overview
- Description
- The Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.2.13 via the exposed process stats file during the backup process. This makes it possible for unauthenticated attackers to obtain an archive file name and download the site's backup.
- Source
- security@wordfence.com
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
- Severity
- HIGH
Weaknesses
- security@wordfence.com
- CWE-922
Social media
- Hype score
- Not currently trending
🚨 CVE-2024-10028 (Published: 2024-11-06) - A high-severity vulnerability in Wordfence affects multiple versions. Users are urged to update to the latest version immediately to mitigate risks. For detailed remediation steps, visit: https://t.co/GA5SaTYAnJ #CyberSecurity
@transilienceai
7 Nov 2024
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2024-10028 (Published: 2024-11-06) - A high-severity vulnerability affects Wordfence. Ensure your installations are updated to the latest version to mitigate risks. For detailed remediation steps, visit: https://t.co/GA5SaTYAnJ #CyberSecurity #Wordfence
@transilienceai
7 Nov 2024
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-10028 Sensitive Information Exposure in Everest Backup WordPress Plugin The E... https://t.co/IE2AwaFiIC Vulnerability Notification: https://t.co/xhLrNnfyrO
@VulmonFeeds
6 Nov 2024
28 Impressions
1 Retweet
1 Like
1 Bookmark
0 Replies
0 Quotes
CVE-2024-10028 The Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions … https://t.co/U7bYCWMSAf
@CVEnew
6 Nov 2024
543 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:everestthemes:everest_backup:*:*:*:*:*:wordpress:*:*",
"vulnerable": true,
"matchCriteriaId": "A7F512C0-278E-4873-8746-8E9DC4B7FCBE",
"versionEndExcluding": "2.2.14"
}
],
"operator": "OR"
}
]
}
]