61 matches found
CVE-2025-2257 Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid <= 1.16.10 - Authenticated (Admin+) Command Injection
The Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.16.10 via the compressionlevel setting. This is due to the plugin using the compressionlevel setting in procopen withou...
CVE-2025-2257 Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid <= 1.16.10 - Authenticated (Admin+) Command Injection
The Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.16.10 via the compressionlevel setting. This is due to the plugin using the compressionlevel setting in procopen withou...
WordPress plugin Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid 操作系统命令注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. WordPress plugin Total Upkeep - WordPress Backup Plugin plu...
WordPress Total Upkeep plugin <= 1.16.10 - Authenticated (Admin+) Command Injection vulnerability
Authenticated Admin+ Command Injection vulnerability discovered by sterva in WordPress Plugin Total Upkeep versions = 1.16.10...
WordPress Total Upkeep plugin <= 1.16.8 - Authenticated (Administrator+) Server-Side Request Forgery vulnerability
Authenticated Administrator+ Server-Side Request Forgery vulnerability discovered by ngosytuan & quyetnt in WordPress Plugin Total Upkeep versions = 1.16.8...
CVE-2024-13907
The Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.16.8 via the 'download' function. This makes it possible for authenticated attackers, with Administrator-level...
CVE-2024-13907
The Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.16.8 via the 'download' function. This makes it possible for authenticated attackers, with Administrator-level...
CVE-2024-13907 Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid <= 1.16.8 - Authenticated (Administrator+) Server-Side Request Forgery
The Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.16.8 via the 'download' function. This makes it possible for authenticated attackers, with Administrator-level...
WordPress plugin Total Upkeep 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability...
CVE-2024-24869
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in BoldGrid Total Upkeep allows Relative Path Traversal.This issue affects Total Upkeep: from n/a through 1.15.8...
WordPress Total Upkeep plugin <= 1.16.6 - Authenticated (Administrator+) Remote Code Execution via Backup Settings vulnerability
Authenticated Administrator+ Remote Code Execution via Backup Settings vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin Total Upkeep versions = 1.16.6...
CVE-2024-9461
The Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.16.6 via the croninterval parameter. This is due to missing input validation and sanitization. This makes it possible f...
CVE-2024-9461
CVE-2024-9461 affects the WordPress plugin “Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid.” All versions up to and including 1.16.6 are vulnerable to Remote Code Execution via the cron_interval parameter due to missing input validation/sanitization. Exploitation requir...
WordPress plugin Total Upkeep 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
PT-2024-39649 · WordPress · Total Upkeep
Name of the Vulnerable Software and Affected Versions: Total Upkeep – WordPress Backup Plugin plus Restore & Migrate versions up to 1.16.6 Description: The issue is related to the lack of input validation and sanitization, making it possible for authenticated attackers with Administrator-level...
WordPress Total Upkeep Plugin <= 1.16.6 is vulnerable to Remote Code Execution (RCE)
Software Total Upkeep Type Plugin Vulnerable versions = 1.16.6 Fixed in 1.16.7 OWASP Top 10 A1: Injection Classification Remote Code Execution RCE CVE CVE-2024-9461 Patch priority Low CVSS severity Low 9.1 Developer Claim ownership PSID 5d87f5849942 Credits Jonas Benjamin Friedli Required privile...
WordPress Total Upkeep Unauthenticated Backup Downloader
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress Total Upkeep Unauthenticated Backup Downloader', 'Description' = %q This module exploits an unauthenticated database backup vulnerabili...
CVE-2024-24869
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in BoldGrid Total Upkeep allows Relative Path Traversal.This issue affects Total Upkeep: from n/a through 1.15.8...
CVE-2024-24869
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in BoldGrid Total Upkeep allows Relative Path Traversal.This issue affects Total Upkeep: from n/a through 1.15.8...
CVE-2024-24869 WordPress Total Upkeep plugin <= 1.15.8 - Arbitrary File Download vulnerability
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in BoldGrid Total Upkeep allows Relative Path Traversal.This issue affects Total Upkeep: from n/a through 1.15.8...