CVE-2026-3339

The Keep Backup Daily plugin for WordPress is vulnerable to Limited Path Traversal in all versions up to, and including, 2.1.1 via the kbdopenuploaddir AJAX action. This is due to insufficient validation of the kbdpath parameter, which is only sanitized with sanitizetextfield - a function that do...

CVE-2026-3339

The Keep Backup Daily plugin for WordPress is vulnerable to Limited Path Traversal in all versions up to, and including, 2.1.1 via the kbdopenuploaddir AJAX action. This is due to insufficient validation of the kbdpath parameter, which is only sanitized with sanitizetextfield - a function that do...

WordPress plugin Keep Backup Daily 路径遍历漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

WordPress plugin Keep Backup Daily 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

CVE-2026-3577 Keep Backup Daily <= 2.1.2 - Authenticated (Admin+) Stored Cross-Site Scripting via Backup Title

The Keep Backup Daily plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the backup title alias val parameter in the updatekbdbkupalias AJAX action in all versions up to, and including, 2.1.2. This is due to insufficient input sanitization and output escaping. While...

CVE-2026-3577

The Keep Backup Daily plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the backup title alias val parameter in the updatekbdbkupalias AJAX action in all versions up to, and including, 2.1.2. This is due to insufficient input sanitization and output escaping. While...

CVE-2026-3577 Keep Backup Daily <= 2.1.2 - Authenticated (Admin+) Stored Cross-Site Scripting via Backup Title

The Keep Backup Daily plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the backup title alias val parameter in the updatekbdbkupalias AJAX action in all versions up to, and including, 2.1.2. This is due to insufficient input sanitization and output escaping. While...

CVE-2026-3577

CVE-2026-3577 affects the Keep Backup Daily plugin for WordPress. It is a Stored XSS via the backup title alias (val parameter) in the update_kbd_bkup_alias AJAX action, affecting all versions up to and including 2.1.2. The issue stems from insufficient input sanitization and output escaping: san...

CVE-2026-3339 Keep Backup Daily <= 2.1.1 - Authenticated (Admin+) Limited Path Traversal via 'kbd_path' Parameter

The Keep Backup Daily plugin for WordPress is vulnerable to Limited Path Traversal in all versions up to, and including, 2.1.1 via the kbdopenuploaddir AJAX action. This is due to insufficient validation of the kbdpath parameter, which is only sanitized with sanitizetextfield - a function that do...

CVE-2026-3339

The Keep Backup Daily plugin for WordPress is vulnerable to Limited Path Traversal in all versions up to, and including, 2.1.1 via the kbdopenuploaddir AJAX action. This is due to insufficient validation of the kbdpath parameter, which is only sanitized with sanitizetextfield - a function that do...

CVE-2026-3339

The CVE-2026-3339 entry affects the Keep Backup Daily plugin for WordPress (versions ≤ 2.1.1). It enables a Limited Path Traversal via the kbd_open_upload_dir AJAX action because kbd_path is only sanitized with sanitize_text_field(), which does not remove traversal sequences. An authenticated att...

WordPress Keep Backup Daily plugin <= 2.1.2 - Authenticated (Admin+) Stored Cross-Site Scripting via Backup Title vulnerability

Authenticated Admin+ Stored Cross-Site Scripting via Backup Title vulnerability discovered by san6051 - PWC in WordPress Plugin Keep Backup Daily versions = 2.1.2...

WordPress Keep Backup Daily plugin <= 2.1.1 - Authenticated (Admin+) Limited Path Traversal via 'kbd_path' Parameter vulnerability

Authenticated Admin+ Limited Path Traversal via 'kbdpath' Parameter vulnerability discovered by san6051 - PWC in WordPress Plugin Keep Backup Daily versions = 2.1.1...

PT-2026-26723

The Keep Backup Daily plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the backup title alias val parameter in the update kbd bkup alias AJAX action in all versions up to, and including, 2.1.2. This is due to insufficient input sanitization and output escaping. While sanitize...

EUVD-2024-42896

Malicious code in bioql PyPI...

EUVD-2025-4242

Malicious code in bioql PyPI...

CVE-2025-26779

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Fahad Mahmood Keep Backup Daily keep-backup-daily allows Path Traversal.This issue affects Keep Backup Daily: from n/a through = 2.1.0...

CVE-2025-26779

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Fahad Mahmood Keep Backup Daily keep-backup-daily allows Path Traversal.This issue affects Keep Backup Daily: from n/a through = 2.1.0...

CVE-2025-26779 WordPress Keep Backup Daily plugin <= 2.1.0 - Arbitrary File Download vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Fahad Mahmood Keep Backup Daily keep-backup-daily allows Path Traversal.This issue affects Keep Backup Daily: from n/a through = 2.1.0...

CVE-2025-26779 WordPress Keep Backup Daily plugin <= 2.1.0 - Arbitrary File Download vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Fahad Mahmood Keep Backup Daily keep-backup-daily allows Path Traversal.This issue affects Keep Backup Daily: from n/a through = 2.1.0...