CVE-2024-2294 - Vulnerability Details - OpenCVE

The Backuply – Backup, Restore, Migrate and Clone plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.2.7 via the backup_name parameter in the backuply_download_backup function. This makes it possible for attackers to have an account with only activate_plugins capability to access arbitrary files on the server, which can contain sensitive information. This only impacts sites hosted on Windows servers.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Softaculous	Backuply
Wordpress	Wordpress

No data.

No data.

References

Link	Providers
https://plugins.trac.wordpress.org/browser/backuply/trunk/functions.php#L1615
https://plugins.trac.wordpress.org/browser/backuply/trunk/main/ajax.php#L78
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3050547%40backuply&new=3050547%40backuply&sfp_email=&sfph_mail=
https://www.wordfence.com/threat-intel/vulnerabilities/id/be3bd1f2-092c-47c4-a4e4-3365e107c57f?source=cve

History

Wed, 08 Apr 2026 18:30:00 +0000

Type	Values Removed	Values Added
Title		Backuply – Backup, Restore, Migrate and Clone <= 1.2.7 - Authenticated (Admin+) Directory Traversal
Weaknesses		CWE-22

Fri, 27 Feb 2026 02:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: Wordfence

Published: 2024-03-16T01:55:44.198Z

Updated: 2026-04-08T17:19:10.380Z

Reserved: 2024-03-07T17:29:38.209Z

Link: CVE-2024-2294

Vulnrichment

Updated: 2024-08-01T19:11:52.407Z

NVD

Status : Deferred

Published: 2024-03-16T02:15:09.200

Modified: 2026-04-15T00:35:42.020

Link: CVE-2024-2294

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2024-2294", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2024-03-07T17:29:38.209Z", "datePublished": "2024-03-16T01:55:44.198Z", "dateUpdated": "2026-04-08T17:19:10.380Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:19:10.380Z"}, "affected": [{"vendor": "softaculous", "product": "Backuply \u2013 Backup, Restore, Migrate and Clone", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.2.7", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Backuply \u2013 Backup, Restore, Migrate and Clone plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.2.7 via the backup_name parameter in the backuply_download_backup function. This makes it possible for attackers to have an account with only activate_plugins capability to access arbitrary files on the server, which can contain sensitive information. This only impacts sites hosted on Windows servers."}], "title": "Backuply \u2013 Backup, Restore, Migrate and Clone <= 1.2.7 - Authenticated (Admin+) Directory Traversal", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/be3bd1f2-092c-47c4-a4e4-3365e107c57f?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/backuply/trunk/main/ajax.php#L78"}, {"url": "https://plugins.trac.wordpress.org/browser/backuply/trunk/functions.php#L1615"}, {"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3050547%40backuply&new=3050547%40backuply&sfp_email=&sfph_mail="}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "cweId": "CWE-22", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "baseScore": 4.9, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Dau Hoang Tai"}], "timeline": [{"time": "2024-03-15T00:00:00.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-2294", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-03-18T19:06:21.681668Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:29:38.837Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T19:11:52.407Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/be3bd1f2-092c-47c4-a4e4-3365e107c57f?source=cve", "tags": ["x_transferred"]}, {"url": "https://plugins.trac.wordpress.org/browser/backuply/trunk/main/ajax.php#L78", "tags": ["x_transferred"]}, {"url": "https://plugins.trac.wordpress.org/browser/backuply/trunk/functions.php#L1615", "tags": ["x_transferred"]}, {"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3050547%40backuply&new=3050547%40backuply&sfp_email=&sfph_mail=", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/be3bd1f2-092c-47c4-a4e4-3365e107c57f?source=cve", "tags": ["x_transferred"]}, {"url": "https://plugins.trac.wordpress.org/browser/backuply/trunk/main/ajax.php#L78", "tags": ["x_transferred"]}, {"url": "https://plugins.trac.wordpress.org/browser/backuply/trunk/functions.php#L1615", "tags": ["x_transferred"]}, {"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3050547%40backuply&new=3050547%40backuply&sfp_email=&sfph_mail=", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T19:11:52.407Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-2294", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-03-18T19:06:21.681668Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-23T19:01:18.550Z"}, "title": "CISA ADP Vulnrichment"}], "cna": {"title": "Backuply \u2013 Backup, Restore, Migrate and Clone <= 1.2.7 - Authenticated (Admin+) Directory Traversal", "credits": [{"lang": "en", "type": "finder", "value": "Dau Hoang Tai"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 4.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"}}], "affected": [{"vendor": "softaculous", "product": "Backuply \u2013 Backup, Restore, Migrate and Clone", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "1.2.7"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2024-03-15T00:00:00.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/be3bd1f2-092c-47c4-a4e4-3365e107c57f?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/backuply/trunk/main/ajax.php#L78"}, {"url": "https://plugins.trac.wordpress.org/browser/backuply/trunk/functions.php#L1615"}, {"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3050547%40backuply&new=3050547%40backuply&sfp_email=&sfph_mail="}], "descriptions": [{"lang": "en", "value": "The Backuply \u2013 Backup, Restore, Migrate and Clone plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.2.7 via the backup_name parameter in the backuply_download_backup function. This makes it possible for attackers to have an account with only activate_plugins capability to access arbitrary files on the server, which can contain sensitive information. This only impacts sites hosted on Windows servers."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-22", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:19:10.380Z"}}}, "cveMetadata": {"cveId": "CVE-2024-2294", "state": "PUBLISHED", "dateUpdated": "2026-04-08T17:19:10.380Z", "dateReserved": "2024-03-07T17:29:38.209Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2024-03-16T01:55:44.198Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The Backuply \u2013 Backup, Restore, Migrate and Clone plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.2.7 via the backup_name parameter in the backuply_download_backup function. This makes it possible for attackers to have an account with only activate_plugins capability to access arbitrary files on the server, which can contain sensitive information. This only impacts sites hosted on Windows servers."}, {"lang": "es", "value": "El complemento Backuply \u2013 Backup, Restore, Migrate and Clone para WordPress es vulnerable a Directory Traversal en todas las versiones hasta la 1.2.7 incluida a trav\u00e9s del par\u00e1metro backup_name en la funci\u00f3n backuply_download_backup. Esto hace posible que los atacantes tengan una cuenta con solo la capacidad enable_plugins para acceder a archivos arbitrarios en el servidor, que pueden contener informaci\u00f3n confidencial. Esto s\u00f3lo afecta a los sitios alojados en servidores Windows."}], "id": "CVE-2024-2294", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 3.6, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2024-03-16T02:15:09.200", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/backuply/trunk/functions.php#L1615"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/backuply/trunk/main/ajax.php#L78"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3050547%40backuply&new=3050547%40backuply&sfp_email=&sfph_mail="}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/be3bd1f2-092c-47c4-a4e4-3365e107c57f?source=cve"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://plugins.trac.wordpress.org/browser/backuply/trunk/functions.php#L1615"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://plugins.trac.wordpress.org/browser/backuply/trunk/main/ajax.php#L78"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3050547%40backuply&new=3050547%40backuply&sfp_email=&sfph_mail="}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/be3bd1f2-092c-47c4-a4e4-3365e107c57f?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "security@wordfence.com", "type": "Primary"}]}