CVE-2024-3034 - Vulnerability Details - OpenCVE

The BackUpWordPress plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 3.13 via the hmbkp_directory_browse parameter. This makes it possible for authenticated attackers, with administrator-level access and above, to traverse directories outside of the context in which the plugin should allow.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00563.

Key SSVC decision points have not yet been added.

No data.

No data.

No data.

No data.

References

Link	Providers
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3076291%40backupwordpress&new=3076291%40backupwordpress&sfp_email=&sfph_mail=
https://www.wordfence.com/threat-intel/vulnerabilities/id/c2805cb0-8913-4487-8445-031b7d920e2d?source=cve

History

Wed, 08 Apr 2026 18:30:00 +0000

Type	Values Removed	Values Added
Title		BackUpWordPress <= 3.13 - Authenticated (Admin+) Directory Traversal
Weaknesses		CWE-22

Wed, 16 Jul 2025 13:45:00 +0000

Type	Values Removed	Values Added
Metrics	epss `{'score': 0.0029}`	epss `{'score': 0.00296}`

MITRE

Status: PUBLISHED

Assigner: Wordfence

Published: 2024-04-27T04:33:28.612Z

Updated: 2026-04-08T17:20:08.791Z

Reserved: 2024-03-27T20:39:36.417Z

Link: CVE-2024-3034

Vulnrichment

Updated: 2024-08-01T19:32:42.649Z

NVD

Status : Awaiting Analysis

Published: 2024-04-27T05:15:48.623

Modified: 2026-04-08T19:21:14.847

Link: CVE-2024-3034

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2024-3034", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2024-03-27T20:39:36.417Z", "datePublished": "2024-04-27T04:33:28.612Z", "dateUpdated": "2026-04-08T17:20:08.791Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:20:08.791Z"}, "affected": [{"vendor": "willmot", "product": "BackUpWordPress", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "3.13", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The BackUpWordPress plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 3.13 via the hmbkp_directory_browse parameter. This makes it possible for authenticated attackers, with administrator-level access and above, to traverse directories outside of the context in which the plugin should allow."}], "title": "BackUpWordPress <= 3.13 - Authenticated (Admin+) Directory Traversal", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c2805cb0-8913-4487-8445-031b7d920e2d?source=cve"}, {"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3076291%40backupwordpress&new=3076291%40backupwordpress&sfp_email=&sfph_mail="}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "cweId": "CWE-22", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N", "baseScore": 2.7, "baseSeverity": "LOW"}}], "credits": [{"lang": "en", "type": "finder", "value": "Philippe Vogler"}], "timeline": [{"time": "2024-04-26T00:00:00.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-3034", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-04-29T19:55:25.057223Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:xibodevelopment:backupwordpress:*:*:*:*:*:wordpress:*:*"], "vendor": "xibodevelopment", "product": "backupwordpress", "versions": [{"status": "affected", "version": "*"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:32:17.872Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T19:32:42.649Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c2805cb0-8913-4487-8445-031b7d920e2d?source=cve", "tags": ["x_transferred"]}, {"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3076291%40backupwordpress&new=3076291%40backupwordpress&sfp_email=&sfph_mail=", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c2805cb0-8913-4487-8445-031b7d920e2d?source=cve", "tags": ["x_transferred"]}, {"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3076291%40backupwordpress&new=3076291%40backupwordpress&sfp_email=&sfph_mail=", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T19:32:42.649Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-3034", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-04-29T19:55:25.057223Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:xibodevelopment:backupwordpress:*:*:*:*:*:wordpress:*:*"], "vendor": "xibodevelopment", "product": "backupwordpress", "versions": [{"status": "affected", "version": "*"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-04-29T20:03:40.438Z"}, "title": "CISA ADP Vulnrichment"}], "cna": {"credits": [{"lang": "en", "type": "finder", "value": "Philippe Vogler"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 2.7, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"}}], "affected": [{"vendor": "willmot", "product": "BackUpWordPress", "versions": [{"status": "affected", "version": "*", "versionType": "semver", "lessThanOrEqual": "3.13"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2024-04-26T00:00:00.000+00:00", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c2805cb0-8913-4487-8445-031b7d920e2d?source=cve"}, {"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3076291%40backupwordpress&new=3076291%40backupwordpress&sfp_email=&sfph_mail="}], "descriptions": [{"lang": "en", "value": "The BackUpWordPress plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 3.13 via the hmbkp_directory_browse parameter. This makes it possible for authenticated attackers, with administrator-level access and above, to traverse directories outside of the context in which the plugin should allow."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2024-04-27T04:33:28.612Z"}}}, "cveMetadata": {"cveId": "CVE-2024-3034", "state": "PUBLISHED", "dateUpdated": "2024-08-01T19:32:42.649Z", "dateReserved": "2024-03-27T20:39:36.417Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2024-04-27T04:33:28.612Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The BackUpWordPress plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 3.13 via the hmbkp_directory_browse parameter. This makes it possible for authenticated attackers, with administrator-level access and above, to traverse directories outside of the context in which the plugin should allow."}, {"lang": "es", "value": "El complemento BackUpWordPress para WordPress es vulnerable a Directory Traversal en todas las versiones hasta la 3.13 incluida a trav\u00e9s del par\u00e1metro hmbkp_directory_browse. Esto hace posible que atacantes autenticados, con acceso de nivel de administrador y superior, atraviesen directorios fuera del contexto en el que el complemento deber\u00eda permitirlo."}], "id": "CVE-2024-3034", "lastModified": "2026-04-08T19:21:14.847", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 2.7, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 1.4, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2024-04-27T05:15:48.623", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3076291%40backupwordpress&new=3076291%40backupwordpress&sfp_email=&sfph_mail="}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c2805cb0-8913-4487-8445-031b7d920e2d?source=cve"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3076291%40backupwordpress&new=3076291%40backupwordpress&sfp_email=&sfph_mail="}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c2805cb0-8913-4487-8445-031b7d920e2d?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "security@wordfence.com", "type": "Primary"}]}