Cyber Posture

CVE-2023-54346

Severity: High · Public PoC available

Published: 05 May 2026
Modified: 05 May 2026
KEV Added: (not listed)
Patch: (none listed)
CVSS Score: 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
EPSS Score: 0.0004 (12.0th percentile)
Risk Priority: 15 (weighting: 60% EPSS · 20% KEV · 20% CVSS)

Description

WordPress Plugin Backup Migration 1.2.8 contains an information disclosure vulnerability that allows unauthenticated attackers to download complete database backups by accessing predictable file paths. Attackers can enumerate backup directories through configuration files and complete logs, then construct direct download URLs to retrieve sensitive backup archives containing full database dumps.

Likely Mitigating Controls (AI-generated)

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

addresses CWE-538: Pre- and post-publication reviews prevent insertion of sensitive information into externally accessible public locations.

addresses CWE-538: Monitors for sensitive information placed in externally accessible files or directories.

addresses CWE-538: The map shows whether data actions result in sensitive information being placed in externally accessible locations.

addresses CWE-538: Isolation and eradication reduce the ability to exploit sensitive information inserted into externally accessible files or directories.

addresses CWE-538: Approved categorization forces identification of externally accessible files that contain sensitive content so they receive proper protection.

addresses CWE-538: The pre-implementation review identifies externally accessible files or directories containing PII and drives access restrictions or removal.

addresses CWE-538: Tainting makes it possible to determine when sensitive data has been removed from externally accessible files or directories.

addresses CWE-538: OPSEC practices stop placement of supply-chain information into locations accessible to external parties.

Security Summary (AI-generated)

CVE-2023-54346 is an information disclosure vulnerability (CWE-538) affecting the WordPress plugin Backup Migration version 1.2.8, assigned a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N). The vulnerability enables unauthenticated attackers to download complete database backups through predictable file paths. Attackers can enumerate backup directories by accessing exposed configuration files and complete logs, allowing them to construct direct download URLs for sensitive backup archives that contain full database dumps.

Unauthenticated remote attackers can exploit this issue with low complexity, requiring no privileges or user interaction. Successful exploitation grants high confidentiality impact by exposing sensitive data such as full database contents, while integrity and availability remain unaffected.

Advisories from VulnCheck and a proof-of-concept exploit on Exploit-DB document the unauthenticated database backup download capability. Additional references include the plugin's vendor site at backupbliss.com and the affected version download at downloads.wordpress.org/plugin/backup-backup.1.2.8.zip.
