Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/10/12 3:30 a.m.19 views

CVE-2025-11380

The Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'everestprocessstatus' AJAX action in all versions up to, and including, 2.3.5. This makes it possible for...

5.9CVSS5.4AI score0.00374EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/11 3:30 a.m.9 views

EUVD-2025-33805

The Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'everestprocessstatus' AJAX action in all versions up to, and including, 2.3.5. This makes it possible for...

5.9CVSS5AI score0.00374EPSS
Exploits1References3
CVE
CVE
added 2025/10/11 2:24 a.m.24 views

CVE-2025-11380

CVE-2025-11380 affects the Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin. Public details in connected docs confirm a missing capability check on the AJAX action named ‘everest_process_status’ that can allow unauthenticated attackers to discover backup file locations...

5.9CVSS5AI score0.00374EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/10/11 2:24 a.m.8 views

CVE-2025-11380 Everest Backup <= 2.3.5 - Missing Authorization to Unauthenticated Information Exposure

The Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'everestprocessstatus' AJAX action in all versions up to, and including, 2.3.5. This makes it possible for...

5.9CVSS5AI score0.00374EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/10/11 2:24 a.m.14 views

CVE-2025-11380 Everest Backup <= 2.3.5 - Missing Authorization to Unauthenticated Information Exposure

The Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'everestprocessstatus' AJAX action in all versions up to, and including, 2.3.5. This makes it possible for...

5.9CVSS0.00374EPSS
Exploits1References2
Rows per page
Query Builder