0.012 Low
EPSS
Percentile
85.0%
There are multiple vulnerabilities in this plugin, that allow remote authenticated users to execute arbitrary commands via shell metacharacters in the $backup[‘filepath’] or $backup[‘mysqldumppath’] variable.
Update the plugin.
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8334