CVE-2025-10306

The Backup Bolt plugin for WordPress is vulnerable to arbitrary file downloads and backup location writes in all versions up to, and including, 1.4.1 via the processbackupbatch function. This makes it possible for authenticated attackers, with Administrator-level access and above, to download...

WordPress plugin Backup Bolt 安全漏洞

WordPress Backup Bolt plugin is a backup plugin for WordPress websites, mainly used to automate the backup of website data including files, databases, etc., and support the recovery function. WordPress Backup Bolt plugin has an arbitrary file download vulnerability, which stems from a flaw in the...

WordPress plugin Backup Bolt 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site reques...

WordPress Backup Bolt Plugin <= 1.3.0 is vulnerable to Sensitive Data Exposure

Software Backup Bolt Type Plugin Vulnerable versions = 1.3.0 Fixed in 1.4.0 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2023-7236 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID dd36f15c489e Credits Dmitrii Ignatyev Required...