Vulnerability Details CVE-2022-1585
The Project Source Code Download WordPress plugin through 1.0.0 does not protect its backup generation and download functionalities, which may allow any visitors on the site to download the entire site, including sensitive files like wp-config.php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 65.2%
CVSS Severity
CVSS v3 Score 7.5
References
Products affected by CVE-2022-1585
-
cpe:2.3:a:project-source-code-download_project:project-source-code-download:1.0.0