Showing 1 - 1 of 1

CVE-2020-35948

Status Candidate

Overview

An issue was discovered in the XCloner Backup and Restore plugin before 4.2.13 for WordPress. It gave authenticated attackers the ability to modify arbitrary files, including PHP files. Doing so would allow an attacker to achieve remote code execution. The xcloner_restore.php write_file_action could overwrite wp-config.php, for example. Alternatively, an attacker could create an exploit chain to obtain a database dump.

Related Files

WordPress XCloner 4.2.12 Remote Code Execution: Posted Jul 1, 2021; Authored by Ron Jost; WordPress XCloner plugin version 4.2.12 authenticated remote code execution exploit.; tags | exploit, remote, code execution; advisories | CVE-2020-35948; SHA-256 | 51efbd3b0d80695da5f2ea6b11516c3016521715f93c6235c7c98b89032ce059; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 163 files
Ubuntu 99 files
indoushka 62 files
Debian 22 files
nu11secur1ty 19 files
CraCkEr 8 files
Google Security Research 7 files
Gentoo 7 files
Apple 6 files
bluedragonsec 4 files

File Archives

Systems

AIX (428)
Apple (2,009)
BSD (374)
CentOS (57)
Cisco (1,925)
Debian (6,842)
Fedora (1,692)
FreeBSD (1,245)
Gentoo (4,329)
HPUX (879)
iOS (353)
iPhone (108)
IRIX (220)
Juniper (68)
Linux (46,811)
Mac OS X (687)
Mandriva (3,105)
NetBSD (256)
OpenBSD (485)
RedHat (13,916)
Slackware (941)
Solaris (1,610)
SUSE (1,444)
Ubuntu (8,938)
UNIX (9,313)
UnixWare (186)
Windows (6,588)
Other

CVE-2020-35948

Overview

Related Files

File Archive:

September 2023

Top Authors In Last 30 Days

File Tags

File Archives

Systems