CVE-2006-4208
EPSS 27.2%
Description
Directory traversal vulnerability in wp-db-backup.php in Skippy WP-DB-Backup plugin for WordPress 1.7 and earlier allows remote authenticated users with administrative privileges to read arbitrary files via a .. (dot dot) in the backup parameter to edit.php.
How to fix CVE-2006-4208
To remediate CVE-2006-4208, upgrade the affected package to a fixed version below.
- Debian/wordpress—upgrade to 2.0.5-0.1 or later
Is CVE-2006-4208 being exploited?
Moderate — EPSS is 27.2%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (1)
- from 0, < 2.0.5-0.1