cleantalk
Vulnerabilities and Security Researches

JetBackup – WP Backup, Migrate & Restore, CVE-2023-7165

CVE, Research URL

CVE-2023-7165

Home page URL

Security reports for JetBackup – WP Backup, Migrate & Restore

Application

JetBackup – WP Backup, Migrate & Restore

Published on
Feb 27, 2024
Research Description
The JetBackup WordPress plugin before 2.0.9.9 doesn't use index files to prevent public directory listing of sensitive directories in certain configurations, which allows malicious actors to leak backup files.
Affected versions
Min -, max 2.0.9.9.
Status
vulnerable
Previous vulnerability researches
Backup Bolt (CVE-2023-7236) , Jun 10, 2024
Backup Bolt (bc0c1fa51c016cd29c9a4fcba7b97da23cfc4c93) , Jun 11, 2024
SK WP Settings Backup (CVE-2024-52415) , Nov 17, 2024
1-Click Backup & Restore Database (CVE-2025-32246) , Apr 06, 2025
WordPress SQL Backup (CVE-2025-30608) , Mar 27, 2025
New vulnerability
Tainacan (CVE-2025-47512) , May 25, 2025
Page Builder: Pagelayer – Drag and Drop website builder (CVE-2025-4223) , May 25, 2025
Page Builder: Pagelayer – Drag and Drop website builder (CVE-2024-13427) , May 25, 2025
miniOrange Discord Integration (CVE-2025-47672) , May 25, 2025
4stats (CVE-2025-3869) , May 24, 2025