CVE-2026-3143 Total Upkeep <= 1.17.1 - Missing Authorization to Unauthenticated Rollback Cancellation

The Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wpajaxclicancel' function in all versions up to, and including, 1.17.1. This makes it possible for...

CVE-2026-3143 Total Upkeep <= 1.17.1 - Missing Authorization to Unauthenticated Rollback Cancellation

The Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wpajaxclicancel' function in all versions up to, and including, 1.17.1. This makes it possible for...

EUVD-2026-26502

The Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wpajaxclicancel' function in all versions up to, and including, 1.17.1. This makes it possible for...

CVE-2026-3143

The CVE concerns the BoldGrid WordPress plugin component of Total Upkeep – WordPress Backup Plugin plus Restore & Migrate. A missing capability check in wp_ajax_cli_cancel allows unauthenticated users to cancel a pending rollback, enabling unauthorized data modification in all versions up to 1.17...

PT-2026-36323

Name of the Vulnerable Software and Affected Versions Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid versions prior to 1.17.2 Description The plugin is susceptible to unauthorized data modification because the wp ajax cli cancel function lacks a proper capability check...

WordPress plugin Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

WordPress Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid plugin <= 1.17.1 - Missing Authorization to Unauthenticated Rollback Cancellation vulnerability

Missing Authorization to Unauthenticated Rollback Cancellation vulnerability discovered by Nabil Irawan - Heroes Cyber Security in WordPress Plugin Total Upkeep versions = 1.17.1...

EUVD-2022-52186

Malicious code in bioql PyPI...

EUVD-2024-22232

Malicious code in bioql PyPI...

CVE-2020-36848

The Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.14.9 via the env-info.php and restore-info.json files. This makes it possible for unauthenticated attackers to...

CVE-2020-36848

The CVE-2020-36848 issue affects the BoldGrid BoldGrid’s Total Upkeep – WordPress Backup Plugin plus Restore & Migrate (WordPress) up to version 1.14.9. The vulnerability is a Sensitive Information Exposure via env-info.php and restore-info.json, enabling unauthenticated attackers to discover and...

CVE-2020-36848 Total Upkeep by BoldGrid <= 1.14.9 - Unauthenticated Backup Download

The Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.14.9 via the env-info.php and restore-info.json files. This makes it possible for unauthenticated attackers to...

CVE-2020-36848 Total Upkeep by BoldGrid <= 1.14.9 - Unauthenticated Backup Download

The Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.14.9 via the env-info.php and restore-info.json files. This makes it possible for unauthenticated attackers to...

WordPress plugin Total Upkeep by BoldGrid 信息泄露漏洞

WordPress and the WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. An information disclosure vulnerability...

PT-2025-29319 · Boldgrid +1 · The Total Upkeep – Wordpress Backup Plugin Plus Restore & Migrate +1

Name of the Vulnerable Software and Affected Versions: Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid versions through 1.14.9 Description: The Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid plugin for WordPress is susceptible to sensitive...

CVE-2025-34084

An unauthenticated information disclosure vulnerability exists in the WordPress Total Upkeep plugin also known as BoldGrid Backup prior to version 1.14.10. The plugin exposes multiple endpoints that allow unauthenticated users to retrieve detailed server configuration env-info.php and discover...

CVE-2025-34084

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority as it is a duplicate of CVE-2020-36848...

PT-2025-28830 · WordPress · Wordpress Total Upkeep

Name of the Vulnerable Software and Affected Versions: WordPress Total Upkeep plugin versions prior to 1.14.10 Description: An unauthenticated information disclosure issue exists, allowing unauthenticated users to retrieve detailed server configuration and discover backup metadata. The exposed...

CVE-2022-4932

The Total Upkeep plugin for WordPress is vulnerable to information disclosure in versions up to, and including 1.14.13. This is due to missing authorization on the heartbeatreceived function that triggers on WordPress heartbeat. This makes it possible for authenticated attackers, with...

CVE-2025-2257

The Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.16.10 via the compressionlevel setting. This is due to the plugin using the compressionlevel setting in procopen withou...