CVE-2023-6113 — HIGH (7.5) — White Hats Nepal

Q: How severe is CVE-2023-6113?

CVE-2023-6113 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2023-6113?

Check the references section above for vendor advisories and patch information. Affected products include: Wp-Staging Wp Staging.

Vulnerability Description

The WP STAGING WordPress Backup Plugin before 3.1.3 and WP STAGING Pro WordPress Backup Plugin before 5.1.3 do not prevent visitors from leaking key information about ongoing backups processes, allowing unauthenticated attackers to download said backups later.

CVSS Score

7.5

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Wp-Staging	Wp Staging	< 3.1.3

References

https://research.cleantalk.org/cve-2023-6113-wp-staging-unauth-sensitive-data-exExploitThird Party Advisory
https://wpscan.com/vulnerability/5a71049a-09a6-40ab-a4e8-44634869d4fbExploitThird Party Advisory
https://research.cleantalk.org/cve-2023-6113-wp-staging-unauth-sensitive-data-exExploitThird Party Advisory
https://wpscan.com/vulnerability/5a71049a-09a6-40ab-a4e8-44634869d4fbExploitThird Party Advisory

FAQ

What is CVE-2023-6113?

CVE-2023-6113 is a vulnerability with a CVSS score of 7.5 (HIGH). The WP STAGING WordPress Backup Plugin before 3.1.3 and WP STAGING Pro WordPress Backup Plugin before 5.1.3 do not prevent visitors from leaking key information about ongoing backups processes, allowi...

How severe is CVE-2023-6113?

CVE-2023-6113 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2023-6113?

Check the references section above for vendor advisories and patch information. Affected products include: Wp-Staging Wp Staging.