CVE-2026-4853

The JetBackup – Backup, Restore & Migrate plugin for WordPress is vulnerable to Path Traversal leading to Arbitrary Directory Deletion in versions up to and including 3.1.19.8. This is due to insufficient input validation on the fileName parameter in the file upload handler. The plugin sanitizes...

EUVD-2026-23354

The JetBackup – Backup, Restore & Migrate plugin for WordPress is vulnerable to Path Traversal leading to Arbitrary Directory Deletion in versions up to and including 3.1.19.8. This is due to insufficient input validation on the fileName parameter in the file upload handler. The plugin sanitizes...

CVE-2026-4853 JetBackup <= 3.1.19.8 - Authenticated (Administrator+) Arbitrary Directory Deletion via Path Traversal in 'fileName' Parameter

The JetBackup – Backup, Restore & Migrate plugin for WordPress is vulnerable to Path Traversal leading to Arbitrary Directory Deletion in versions up to and including 3.1.19.8. This is due to insufficient input validation on the fileName parameter in the file upload handler. The plugin sanitizes...

CVE-2026-4853

CVE-2026-4853 (JetBackup

WordPress plugin JetBackup – Backup, Restore & Migrate 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

PT-2026-33402

The JetBackup – Backup, Restore & Migrate plugin for WordPress is vulnerable to Path Traversal leading to Arbitrary Directory Deletion in versions up to and including 3.1.19.8. This is due to insufficient input validation on the fileName parameter in the file upload handler. The plugin sanitizes...

EUVD-2020-24111

Malware in sbrugna...

EUVD-2020-24110

Malware in sbrugna...

EUVD-2022-37163

Malicious code in bioql PyPI...

CVE-2023-7165

The JetBackup WordPress plugin before 2.0.9.9 doesn't use index files to prevent public directory listing of sensitive directories in certain configurations, which allows malicious actors to leak backup files...

CVE-2020-36668

The JetBackup – WP Backup, Migrate & Restore plugin for WordPress is vulnerable to sensitive information disclosure in versions up to, and including, 1.4.0 due to a lack of proper capability checking on the backupguardgetmanualmodal function called via an AJAX action. This makes it possible for...

CVE-2020-36669

The JetBackup – WP Backup, Migrate & Restore plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including 1.3.9. This is due to missing nonce validation on the backupguardgetimportbackup function. This makes it possible for unauthenticated attackers to upload...

CVE-2023-7165

The JetBackup WordPress plugin before 2.0.9.9 doesn't use index files to prevent public directory listing of sensitive directories in certain configurations, which allows malicious actors to leak backup files...

PT-2024-15218

Name of the Vulnerable Software and Affected Versions JetBackup WordPress plugin versions prior to 2.0.9.9 Description The issue allows malicious actors to leak backup files due to the plugin not using index files to prevent public directory listing of sensitive directories in certain...

PT-2023-13346 · WordPress · Jetbackup

Name of the Vulnerable Software and Affected Versions: JetBackup JetBackup – WP Backup, Migrate & Restore plugin versions 1.6.9.0 and earlier Description: The issue is related to improper neutralization of input during web page generation, which can lead to cross-site scripting. Recommendations:...

WordPress Plugin JetBackup – WP Backup，Migrate & Restore 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin... A cross-site scripting...

Cross site request forgery (csrf)

The JetBackup – WP Backup, Migrate & Restore plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including 1.3.9. This is due to missing nonce validation on the backupguardgetimportbackup function. This makes it possible for unauthenticated attackers to upload...

CVE-2020-36668 JetBackup – WP Backup, Migrate & Restore <= 1.4.0 - Sensitive Information Disclosure

The JetBackup – WP Backup, Migrate & Restore plugin for WordPress is vulnerable to sensitive information disclosure in versions up to, and including, 1.4.0 due to a lack of proper capability checking on the backupguardgetmanualmodal function called via an AJAX action. This makes it possible for...

CVE-2020-36667

The JetBackup – WP Backup, Migrate & Restore plugin for WordPress is vulnerable to unauthorized back-up location changes in versions up to, and including 1.4.1 due to a lack of proper capability checking on the backupguardclouddropbox, backupguardcloudgdrive, and backupguardcloudoneDrive function...

PT-2023-11835 · WordPress · Jetbackup

Name of the Vulnerable Software and Affected Versions: JetBackup – WP Backup, Migrate & Restore plugin for WordPress versions up to, and including, 1.4.0 Description: The issue is related to sensitive information disclosure due to a lack of proper capability checking on the backup guard get manua...