cvedb.io
CVE-2021-39327
MEDIUM · CVSS 5.3
EPSS exploitation probability: 0%
Published 2021-09-17T11:15:08.647 · Last modified 2026-06-17T04:03:33.287

Summary

The BulletProof Security WordPress plugin is vulnerable to sensitive information disclosure due to a file path disclosure in the publicly accessible ~/db_backup_log.txt file which grants attackers the full path of the site, in addition to the path of database backup files. This affects versions up to, and including, 5.1.

Affected products

ait-pro — bulletproof_security

Does this affect you?

Add your gear to cvedb and we'll alert you only when ait-pro ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.