127 matches found
EUVD-2025-35914
The BackWPup – WordPress Backup & Restore Plugin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'backwpupworking' AJAX action in all versions up to, and including, 5.5.0. This makes it possible for authenticated attackers, with...
CVE-2025-10579
The BackWPup – WordPress Backup & Restore Plugin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'backwpupworking' AJAX action in all versions up to, and including, 5.5.0. This makes it possible for authenticated attackers, with...
CVE-2025-10579 BackWPup <= 5.5.0 - Missing Authorization to Sensitive Information Exposure
The BackWPup – WordPress Backup & Restore Plugin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'backwpupworking' AJAX action in all versions up to, and including, 5.5.0. This makes it possible for authenticated attackers, with...
CVE-2025-10579
CVE-2025-10579 affects the BackWPup – WordPress Backup & Restore Plugin for WordPress. The root cause is a missing capability check on the Ajax action backwpup_working, allowing authenticated users with Subscriber-level access or higher to retrieve a backup file name while a backup is running. Im...
CVE-2025-10579 BackWPup <= 5.5.0 - Missing Authorization to Sensitive Information Exposure
The BackWPup – WordPress Backup & Restore Plugin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'backwpupworking' AJAX action in all versions up to, and including, 5.5.0. This makes it possible for authenticated attackers, with...
PT-2025-43699
Name of the Vulnerable Software and Affected Versions BackWPup – WordPress Backup & Restore Plugin versions prior to 5.5.1 Description The BackWPup – WordPress Backup & Restore Plugin for WordPress is susceptible to unauthorized data access. A missing capability check on the backwpup working AJAX...
WordPress BackWPup plugin 5 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin BackWPup versions 5...
EUVD-2011-5108
Malware in sbrugna...
EUVD-2011-4274
Malware in sbrugna...
EUVD-2017-11734
Malware in sbrugna...
EUVD-2013-4482
Malware in sbrugna...
EUVD-2023-57818
Malicious code in bioql PyPI...
EUVD-2023-57819
Malicious code in bioql PyPI...
EUVD-2023-58058
Malicious code in bioql PyPI...
CVE-2023-5775
The BackWPup plugin for WordPress is vulnerable to Plaintext Storage of Backup Destination Password in all versions up to, and including, 4.0.2. This is due to to the plugin improperly storing backup destination passwords in plaintext. This makes it possible for authenticated attackers, with...
CVE-2023-5504
The BackWPup plugin for WordPress is vulnerable to Directory Traversal in versions up to, and including, 4.0.1 via the Log File Folder. This allows authenticated attackers to store backups in arbitrary folders on the server provided they can be written to by the server. Additionally, default...
CVE-2023-5505
The BackWPup plugin for WordPress is vulnerable to Directory Traversal in versions up to, and including, 4.0.1 via the job-specific backup folder. This allows authenticated attackers to store backups in arbitrary folders on the server provided they can be written to by the server. Additionally,...
CVE-2013-4626
Cross-site scripting XSS vulnerability in the BackWPup plugin before 3.0.13 for WordPress allows remote attackers to inject arbitrary web script or HTML via the tab parameter to wp-admin/admin.php...
CVE-2011-4342
PHP remote file inclusion vulnerability in wpxmlexport.php in the BackWPup plugin before 1.7.2 for WordPress allows remote attackers to execute arbitrary PHP code via a URL in the wpabs parameter...
CVE-2011-5208
Multiple directory traversal vulnerabilities in the BackWPup plugin before 1.4.1 for WordPress allow remote attackers to read arbitrary files via a .. dot dot in the wpabs parameter to 1 app/options-viewlog-iframe.php or 2 app/options-runnow-iframe.php...