{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T08:24:43.567","vulnerabilities":[{"cve":{"id":"CVE-2011-4342","sourceIdentifier":"secalert@redhat.com","published":"2012-10-08T18:55:00.887","lastModified":"2025-04-11T00:51:21.963","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"PHP remote file inclusion vulnerability in wp_xml_export.php in the BackWPup plugin before 1.7.2 for WordPress allows remote attackers to execute arbitrary PHP code via a URL in the wpabs parameter."},{"lang":"es","value":"Vulnerabilidad de inclusión remota de archivo PHP enwp_xml_export.php en el plugin BackWPup  anterior a v1.7.2 para WordPress  permite a atacantes remotos ejecutar código PHP de su elección a través de la URL en el parámetro wpabs.\r\n"}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-94"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:backwpup:backwpup:*:*:*:*:*:*:*:*","versionEndIncluding":"1.7.1","matchCriteriaId":"29F4221A-1C11-4B01-9C99-7B3BC5D570EC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:a:wordpress:wordpress:-:*:*:*:*:*:*:*","matchCriteriaId":"A77EB0E7-7FA7-4232-97DF-7C7587D163F1"}]}]}],"references":[{"url":"http://packetstormsecurity.org/files/view/99799/SOS-11-003.txt","source":"secalert@redhat.com","tags":["Exploit"]},{"url":"http://seclists.org/fulldisclosure/2011/Mar/328","source":"secalert@redhat.com","tags":["Exploit"]},{"url":"http://secunia.com/advisories/43565","source":"secalert@redhat.com","tags":["Vendor Advisory"]},{"url":"http://wordpress.org/support/topic/plugin-backwpup-remote-and-local-codeexecution-vulnerability-sos-11-003","source":"secalert@redhat.com"},{"url":"http://www.exploit-db.com/exploits/17056","source":"secalert@redhat.com","tags":["Exploit"]},{"url":"http://www.openwall.com/lists/oss-security/2011/11/22/10","source":"secalert@redhat.com","tags":["Exploit"]},{"url":"http://www.openwall.com/lists/oss-security/2011/11/22/7","source":"secalert@redhat.com","tags":["Exploit"]},{"url":"http://www.osvdb.org/71481","source":"secalert@redhat.com","tags":["Exploit"]},{"url":"http://www.senseofsecurity.com.au/advisories/SOS-11-003.pdf","source":"secalert@redhat.com","tags":["Exploit","URL Repurposed"]},{"url":"http://packetstormsecurity.org/files/view/99799/SOS-11-003.txt","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"http://seclists.org/fulldisclosure/2011/Mar/328","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"http://secunia.com/advisories/43565","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"http://wordpress.org/support/topic/plugin-backwpup-remote-and-local-codeexecution-vulnerability-sos-11-003","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.exploit-db.com/exploits/17056","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"http://www.openwall.com/lists/oss-security/2011/11/22/10","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"http://www.openwall.com/lists/oss-security/2011/11/22/7","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"http://www.osvdb.org/71481","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"http://www.senseofsecurity.com.au/advisories/SOS-11-003.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","URL Repurposed"]}]}}]}