Lucene search
K

127 matches found

euvd
euvd
added 2025/10/25 6:30 a.m.3 views

EUVD-2025-35914

The BackWPup – WordPress Backup & Restore Plugin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'backwpupworking' AJAX action in all versions up to, and including, 5.5.0. This makes it possible for authenticated attackers, with...

5.3CVSS4.5AI score0.00254EPSS
Exploits0References4
nvd
nvd
added 2025/10/25 5:15 a.m.6 views

CVE-2025-10579

The BackWPup – WordPress Backup & Restore Plugin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'backwpupworking' AJAX action in all versions up to, and including, 5.5.0. This makes it possible for authenticated attackers, with...

5.3CVSS0.00254EPSS
Exploits0References3
vulnrichment
vulnrichment
added 2025/10/25 4:22 a.m.14 views

CVE-2025-10579 BackWPup <= 5.5.0 - Missing Authorization to Sensitive Information Exposure

The BackWPup – WordPress Backup & Restore Plugin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'backwpupworking' AJAX action in all versions up to, and including, 5.5.0. This makes it possible for authenticated attackers, with...

5.3CVSS4.5AI score0.00254EPSS
Exploits0References3
cve
cve
added 2025/10/25 4:22 a.m.25 views

CVE-2025-10579

CVE-2025-10579 affects the BackWPup – WordPress Backup & Restore Plugin for WordPress. The root cause is a missing capability check on the Ajax action backwpup_working, allowing authenticated users with Subscriber-level access or higher to retrieve a backup file name while a backup is running. Im...

5.3CVSS4.6AI score0.00254EPSS
Exploits0References3
cvelist
cvelist
added 2025/10/25 4:22 a.m.12 views

CVE-2025-10579 BackWPup <= 5.5.0 - Missing Authorization to Sensitive Information Exposure

The BackWPup – WordPress Backup & Restore Plugin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'backwpupworking' AJAX action in all versions up to, and including, 5.5.0. This makes it possible for authenticated attackers, with...

5.3CVSS0.00254EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2025/10/25 12:0 a.m.7 views

PT-2025-43699

Name of the Vulnerable Software and Affected Versions BackWPup – WordPress Backup & Restore Plugin versions prior to 5.5.1 Description The BackWPup – WordPress Backup & Restore Plugin for WordPress is susceptible to unauthorized data access. A missing capability check on the backwpup working AJAX...

5.3CVSS5.7AI score0.00254EPSS
Exploits0References7
patchstack
patchstack
added 2025/10/24 11:39 p.m.10 views

WordPress BackWPup plugin 5 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin BackWPup versions 5...

5.3CVSS6.7AI score0.00254EPSS
Exploits0References1Affected Software1
euvd
euvd
added 2025/10/07 12:30 a.m.5 views

EUVD-2011-5108

Malware in sbrugna...

5CVSS6.4AI score0.0326EPSS
Exploits1References7
euvd
euvd
added 2025/10/07 12:30 a.m.5 views

EUVD-2011-4274

Malware in sbrugna...

7.5CVSS6.2AI score0.10403EPSS
Exploits1References10
euvd
euvd
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-11734

Malware in sbrugna...

7.5CVSS7.6AI score0.01671EPSS
Exploits1References3
euvd
euvd
added 2025/10/07 12:30 a.m.7 views

EUVD-2013-4482

Malware in sbrugna...

4.3CVSS6.1AI score0.02058EPSS
Exploits3References7
euvd
euvd
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-57818

Malicious code in bioql PyPI...

8.7CVSS9AI score0.00926EPSS
Exploits1References3
euvd
euvd
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-57819

Malicious code in bioql PyPI...

6.8CVSS6.6AI score0.00981EPSS
Exploits0References5
euvd
euvd
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-58058

Malicious code in bioql PyPI...

2.7CVSS5.7AI score0.00449EPSS
Exploits0References2
redhatcve
redhatcve
added 2025/05/23 5:8 a.m.20 views

CVE-2023-5775

The BackWPup plugin for WordPress is vulnerable to Plaintext Storage of Backup Destination Password in all versions up to, and including, 4.0.2. This is due to to the plugin improperly storing backup destination passwords in plaintext. This makes it possible for authenticated attackers, with...

2.7CVSS6.7AI score0.00449EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 2:41 a.m.9 views

CVE-2023-5504

The BackWPup plugin for WordPress is vulnerable to Directory Traversal in versions up to, and including, 4.0.1 via the Log File Folder. This allows authenticated attackers to store backups in arbitrary folders on the server provided they can be written to by the server. Additionally, default...

8.7CVSS6AI score0.00926EPSS
Exploits1References1
redhatcve
redhatcve
added 2025/05/23 2:40 a.m.10 views

CVE-2023-5505

The BackWPup plugin for WordPress is vulnerable to Directory Traversal in versions up to, and including, 4.0.1 via the job-specific backup folder. This allows authenticated attackers to store backups in arbitrary folders on the server provided they can be written to by the server. Additionally,...

6.8CVSS6.7AI score0.00981EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/22 11:12 a.m.13 views

CVE-2013-4626

Cross-site scripting XSS vulnerability in the BackWPup plugin before 3.0.13 for WordPress allows remote attackers to inject arbitrary web script or HTML via the tab parameter to wp-admin/admin.php...

4.3CVSS6AI score0.02058EPSS
Exploits3References1
redhatcve
redhatcve
added 2025/05/22 5:59 a.m.8 views

CVE-2011-4342

PHP remote file inclusion vulnerability in wpxmlexport.php in the BackWPup plugin before 1.7.2 for WordPress allows remote attackers to execute arbitrary PHP code via a URL in the wpabs parameter...

7.5CVSS8AI score0.10403EPSS
Exploits1References1
redhatcve
redhatcve
added 2025/05/22 1:52 a.m.8 views

CVE-2011-5208

Multiple directory traversal vulnerabilities in the BackWPup plugin before 1.4.1 for WordPress allow remote attackers to read arbitrary files via a .. dot dot in the wpabs parameter to 1 app/options-viewlog-iframe.php or 2 app/options-runnow-iframe.php...

5CVSS7.3AI score0.0326EPSS
Exploits1References1
Rows per page
Query Builder