22 matches found
CVE-2025-68039
Missing Authorization vulnerability in Chris Simmons WP BackItUp wp-backitup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP BackItUp: from n/a through = 2.1.0...
CVE-2025-68039
Missing Authorization vulnerability in Chris Simmons WP BackItUp wp-backitup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP BackItUp: from n/a through = 2.1.0...
CVE-2025-68039 WordPress WP BackItUp plugin <= 2.1.0 - Broken Access Control vulnerability
Missing Authorization vulnerability in Chris Simmons WP BackItUp wp-backitup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP BackItUp: from n/a through = 2.1.0...
CVE-2025-68039 WordPress WP BackItUp plugin <= 2.1.0 - Broken Access Control vulnerability
Missing Authorization vulnerability in Chris Simmons WP BackItUp wp-backitup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP BackItUp: from n/a through = 2.1.0...
CVE-2025-68039
CVE-2025-68039 describes a Missing Authorization vulnerability in WP BackItUp (WordPress plugin) where access control is incorrectly configured. Affected software: WP BackItUp wp-backitup up to and including version 2.0.0. Root cause: broken/insufficient authorization allowing unauthorized action...
PT-2026-4068
Name of the Vulnerable Software and Affected Versions Chris Simmons WP BackItUp versions through 2.0.0 Description The software contains a missing authorization issue related to incorrectly configured access control security levels. This allows for exploitation of the system. Recommendations Upda...
WordPress plugin WP BackItUp has a security vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
WordPress WP BackItUp plugin <= 2.1.0 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin WP BackItUp versions = 2.1.0...
CVE-2025-63680
Nero BackItUp in the Nero Productline is vulnerable to a path parsing/UI rendering flaw CWE-22 that, in combination with Windows ShellExecuteW fallback extension resolution, leads to arbitrary code execution when a user clicks a crafted entry. By creating a trailing-dot folder and placing a...
EUVD-2025-197651
Nero BackItUp in the Nero Productline is vulnerable to a path parsing/UI rendering flaw CWE-22 that, in combination with Windows ShellExecuteW fallback extension resolution, leads to arbitrary code execution when a user clicks a crafted entry. By creating a trailing-dot folder and placing a...
CVE-2025-63680
Nero BackItUp in the Nero Productline is vulnerable to a path parsing/UI rendering flaw CWE-22 that, in combination with Windows ShellExecuteW fallback extension resolution, leads to arbitrary code execution when a user clicks a crafted entry. By creating a trailing-dot folder and placing a...
CVE-2025-63680
Nero BackItUp in the Nero Productline is vulnerable to a path parsing/UI rendering flaw CWE-22 that, in combination with Windows ShellExecuteW fallback extension resolution, leads to arbitrary code execution when a user clicks a crafted entry. By creating a trailing-dot folder and placing a...
CVE-2025-63680
Nero BackItUp in the Nero Productline is vulnerable to a path parsing/UI rendering flaw CWE-22 that, in combination with Windows ShellExecuteW fallback extension resolution, leads to arbitrary code execution when a user clicks a crafted entry. By creating a trailing-dot folder and placing a...
CVE-2025-63680
Nero BackItUp in the Nero Productline is vulnerable to a path parsing/UI rendering flaw CWE-22 that, in combination with Windows ShellExecuteW fallback extension resolution, leads to arbitrary code execution when a user clicks a crafted entry. By creating a trailing-dot folder and placing a...
Nero BackItUp 安全漏洞
Nero BackItUp is a backup program from Nero. A security vulnerability exists in Nero BackItUp that stems from path resolution and UI rendering flaws that could lead to the execution of arbitrary code when a user clicks on a specially crafted entry...
CVE-2025-63680
Nero BackItUp (Nero Productline) is affected by a path parsing/UI rendering flaw (CWE-22) that, in conjunction with Windows ShellExecuteW fallback extension resolution, enables arbitrary code execution when a user clicks a crafted entry. The mechanism: create a trailing-dot folder and place a scr...
PT-2025-46789
Name of the Vulnerable Software and Affected Versions Nero BackItUp versions 2019 through 2025 Description Nero BackItUp contains a path parsing and user interface rendering flaw. This flaw, combined with how Windows handles file execution, can allow an attacker to run arbitrary code when a user...
WordPress WP BackItUp plugin <= 1.50 - Unauthenticated Broken Access Control vulnerability
Unauthenticated Broken Access Control vulnerability discovered by Ananda Dhakal Patchstack in WordPress Plugin WP BackItUp versions = 1.50...
WordPress WP BackItUp plugin <= 1.50 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Ananda Dhakal Patchstack in WordPress Plugin WP BackItUp versions = 1.50...
WordPress WP BackItUp plugin <= 1.50 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Ananda Dhakal Patchstack in WordPress Plugin WP BackItUp versions = 1.50...