What is CVE-2013-2742?

CVE-2013-2742 is a vulnerability in Ithemes Backupbuddy. Published 2013-04-02.

Is CVE-2013-2742 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Ithemes Backupbuddy

CVE-2013-2742

importbuddy.php in the BackupBuddy plugin 1.3.4, 2.1.4, 2.2.25, 2.2.28, and 2.2.4 for WordPress does not reliably delete itself after completing a restore operation, which makes it easier for remote attackers to obtain access via subsequen…

EPSS: 0.005 (67.0th percentile) — read the EPSS interpretation.

Affected products

Ithemes Backupbuddy — versions 1.3.4, 2.1.4, 2.2.4
Wordpress
N/a — versions n/a

Public proof-of-concept exploits

20142995/nuclei-templates

References

cve@mitre.org (Exploit, x_refsource_MISC)
20130323 Backupbuddy wordpress plugin - sensitive data exposure in importbuddy.php (mailing-list, Exploit, x_refsource_FULLDISC)

Frequently asked questions

What is CVE-2013-2742?: CVE-2013-2742 is a vulnerability in Ithemes Backupbuddy. Published 2013-04-02.
Is CVE-2013-2742 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.