CVE-2021-39327-Exploit
Wordpress Plugin BulletProof Security V 5.1 - Sensitive information disclosure
CVE description:
The BulletProof Security WordPress plugin is vulnerable to sensitive information disclosure due to a file path disclosure in the publicly accessible ~/db_backup_log.txt file which grants attackers the full path of the site, in addition to the path of database backup files. This affects versions up to, and including, 5.1.
ExploitDB:
Exploit Description:
- Vendor Homepage: https://forum.ait-pro.com/read-me-first/
- Software Link: https://downloads.wordpress.org/plugin/bulletproof-security.5.0.zip
- Version: Up to 5.1
- Tested on Ubuntu 18.04
