CVE-2014-8606

XCloner 3.1.1 and 3.5.1 - Authenticated Path Traversal via File Parameter

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2014-8606.

AI-analyzed exploit summary This is a detailed technical analysis of multiple vulnerabilities in XCloner WordPress/Joomla! backup plugin, including arbitrary command execution via unsanitized input in exec() calls, cleartext MySQL password exposure, and predictable backup file names. The advisory includes vulnerable code snippets and root cause analysis.

Description

Directory traversal vulnerability in the XCloner plugin 3.1.1 for WordPress and 3.5.1 for Joomla! allows remote administrators to read arbitrary files via a .. (dot dot) in the file parameter in a json_return action in the xcloner_show page to wp-admin/admin-ajax.php.

Exploits (1)

exploitdb WRITEUP
webappsphp
https://www.exploit-db.com/exploits/35212

This is a detailed technical analysis of multiple vulnerabilities in XCloner WordPress/Joomla! backup plugin, including arbitrary command execution via unsanitized input in exec() calls, cleartext MySQL password exposure, and predictable backup file names. The advisory includes vulnerable code snippets and root cause analysis.

Classification
Writeup 100%
Attack Type
Rce | Info Leak
Complexity
Trivial
Reliability
Reliable
Target: XCloner WordPress/Joomla! backup plugin v3.1.1 (WordPress) v3.5.1 (Joomla!)
Auth required
Prerequisites: Administrative access to the plugin · Plugin installed and configured
devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (2)

Core 2

Scores

EPSS 0.0621
EPSS Percentile 92.6%

Details

CWE
CWE-22
Status published
Products (2)
xcloner/xcloner 3.1.1
xcloner/xcloner 3.5.1
Published Jun 10, 2015
Tracked Since Feb 18, 2026