5 matches found
CVE-2025-15041
The CVE refers to BackWPup – WordPress Backup & Restore Plugin for WordPress, where a missing capability check in save_site_option() in versions
CVE-2025-15041 BackWPup <= 5.6.2 - Authenticated (BackWPup Helper+) Privilege Escalation via Arbitrary Options Update
The BackWPup – WordPress Backup & Restore Plugin plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the savesiteoption function in all versions up to, and including, 5.6.2. This makes it possible for...
CVE-2025-15041 BackWPup <= 5.6.2 - Authenticated (BackWPup Helper+) Privilege Escalation via Arbitrary Options Update
The BackWPup – WordPress Backup & Restore Plugin plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the savesiteoption function in all versions up to, and including, 5.6.2. This makes it possible for...
PT-2026-20623
Name of the Vulnerable Software and Affected Versions BackWPup – WordPress Backup & Restore Plugin versions prior to 5.6.3 Description The BackWPup – WordPress Backup & Restore Plugin for WordPress is susceptible to unauthorized data modification, potentially leading to privilege escalation. A...
EUVD-2025-198404
The UiPress lite | Effortless custom dashboards, admin themes and pages plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the uipsavesiteoption function in all versions up to, and including, 3.5.08. This makes it possible for authenticate...