The Clone WordPress plugin before 2.4.3 uses buffer files to store in-progress backup informations, which is stored at a publicly accessible, statically defined file path.CreditsDmitrii IgnatyevWPScanReferenceshttps://wpscan.com/vulnerability/fad9eefe-4552-4d20-a1fd-bb2e172ec8d7