264 matches found
CVE-2023-53907 Bludit 3.13.1 Authenticated Arbitrary File Download via Backup Plugin
Bludit versions before 3.13.1 contain an authenticated file download vulnerability in the Backup Plugin that allows logged-in users to access arbitrary files. Attackers can exploit the plugin's download functionality by manipulating file path parameters to read sensitive system files through...
CVE-2023-53907 Bludit 3.13.1 Authenticated Arbitrary File Download via Backup Plugin
Bludit versions before 3.13.1 contain an authenticated file download vulnerability in the Backup Plugin that allows logged-in users to access arbitrary files. Attackers can exploit the plugin's download functionality by manipulating file path parameters to read sensitive system files through...
Bludit 路径遍历漏洞
Bludit is an open source lightweight blog content management system CMS from Bludit Open Source. A path traversal vulnerability exists in versions prior to Bludit 3.13.1, which stems from improper manipulation of the Backup Plugin file path parameter, which could lead to arbitrary file downloads...
PT-2025-51945
Name of the Vulnerable Software and Affected Versions Bludit versions prior to 3.13.1 Description A file download issue exists in the Backup Plugin within Bludit. Logged-in users can access arbitrary files. Attackers can exploit the plugin’s download functionality by manipulating file path...
CVE-2025-10304
The Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the processstatusunlink function in all versions up to, and including, 2.3.8. This makes it possible for unauthenticated...
EUVD-2025-200726
The Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the processstatusunlink function in all versions up to, and including, 2.3.8. This makes it possible for unauthenticated...
CVE-2025-12092
The CYAN Backup plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'delete' functionality in all versions up to, and including, 2.5.4. This makes it possible for authenticated attackers, with Administrator-level access and above, to delet...
CVE-2025-12092
The CYAN Backup plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'delete' functionality in all versions up to, and including, 2.5.4. This makes it possible for authenticated attackers, with Administrator-level access and above, to delet...
PT-2025-45563
Name of the Vulnerable Software and Affected Versions CYAN Backup plugin for WordPress versions through 2.5.4 Description The CYAN Backup plugin for WordPress has a flaw that allows authenticated attackers with Administrator-level access or higher to delete arbitrary files on the server. This is...
CVE-2025-62946 WordPress Everest Backup plugin <= 2.3.8 - Broken Access Control vulnerability
Missing Authorization vulnerability in everestthemes Everest Backup everest-backup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Everest Backup: from n/a through = 2.3.8...
CVE-2025-10579
CVE-2025-10579 affects the BackWPup – WordPress Backup & Restore Plugin for WordPress. The root cause is a missing capability check on the Ajax action backwpup_working, allowing authenticated users with Subscriber-level access or higher to retrieve a backup file name while a backup is running. Im...
EUVD-2025-33805
The Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'everestprocessstatus' AJAX action in all versions up to, and including, 2.3.5. This makes it possible for...
PT-2025-41630
Name of the Vulnerable Software and Affected Versions Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin versions prior to 2.3.6 Description The Everest Backup plugin for WordPress allows unauthorized access to data due to a missing capability check on the everest proces...
WordPress Everest Backup plugin <= 2.3.8 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin Everest Backup versions = 2.3.8...
EUVD-2020-13282
Malware in sbrugna...
EUVD-2014-1142
Malware in sbrugna...
EUVD-2015-9396
Malware in sbrugna...
EUVD-2020-23533
Malware in sbrugna...
EUVD-2016-1870
Malware in sbrugna...
EUVD-2020-30799
Malware in sbrugna...