Lucene search
K

61 matches found

Cvelist
Cvelist
added 2025/03/26 8:21 a.m.20 views

CVE-2025-2257 Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid <= 1.16.10 - Authenticated (Admin+) Command Injection

The Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.16.10 via the compressionlevel setting. This is due to the plugin using the compressionlevel setting in procopen withou...

7.2CVSS0.00791EPSS
Exploits0References4
OSV
OSV
added 2025/03/26 8:21 a.m.6 views

CVE-2025-2257 Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid <= 1.16.10 - Authenticated (Admin+) Command Injection

The Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.16.10 via the compressionlevel setting. This is due to the plugin using the compressionlevel setting in procopen withou...

7.2CVSS7.5AI score0.00791EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/03/26 12:0 a.m.4 views

WordPress plugin Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid 操作系统命令注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. WordPress plugin Total Upkeep - WordPress Backup Plugin plu...

7.2CVSS9.3AI score0.00791EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/03/25 9:38 p.m.7 views

WordPress Total Upkeep plugin <= 1.16.10 - Authenticated (Admin+) Command Injection vulnerability

Authenticated Admin+ Command Injection vulnerability discovered by sterva in WordPress Plugin Total Upkeep versions = 1.16.10...

7.2CVSS7.3AI score0.00791EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/02/27 8:14 a.m.7 views

WordPress Total Upkeep plugin <= 1.16.8 - Authenticated (Administrator+) Server-Side Request Forgery vulnerability

Authenticated Administrator+ Server-Side Request Forgery vulnerability discovered by ngosytuan & quyetnt in WordPress Plugin Total Upkeep versions = 1.16.8...

6.5CVSS7.1AI score0.00433EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2025/02/27 7:15 a.m.12 views

CVE-2024-13907

The Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.16.8 via the 'download' function. This makes it possible for authenticated attackers, with Administrator-level...

6.5CVSS0.00433EPSS
Exploits0References3
OSV
OSV
added 2025/02/27 7:15 a.m.6 views

CVE-2024-13907

The Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.16.8 via the 'download' function. This makes it possible for authenticated attackers, with Administrator-level...

6.5CVSS5.8AI score0.00433EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/02/27 6:48 a.m.10 views

CVE-2024-13907 Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid <= 1.16.8 - Authenticated (Administrator+) Server-Side Request Forgery

The Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.16.8 via the 'download' function. This makes it possible for authenticated attackers, with Administrator-level...

4.9CVSS5AI score0.00433EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/02/27 12:0 a.m.5 views

WordPress plugin Total Upkeep 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability...

6.5CVSS8.5AI score0.00433EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/02/05 2:22 a.m.12 views

CVE-2024-24869

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in BoldGrid Total Upkeep allows Relative Path Traversal.This issue affects Total Upkeep: from n/a through 1.15.8...

7.5CVSS6.8AI score0.00658EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/11/26 10:19 p.m.6 views

WordPress Total Upkeep plugin <= 1.16.6 - Authenticated (Administrator+) Remote Code Execution via Backup Settings vulnerability

Authenticated Administrator+ Remote Code Execution via Backup Settings vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin Total Upkeep versions = 1.16.6...

7.2CVSS7.5AI score0.01012EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2024/11/26 2:15 p.m.4 views

CVE-2024-9461

The Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.16.6 via the croninterval parameter. This is due to missing input validation and sanitization. This makes it possible f...

7.2CVSS6AI score0.01012EPSS
Exploits0References2
CVE
CVE
added 2024/11/26 1:56 p.m.57 views

CVE-2024-9461

CVE-2024-9461 affects the WordPress plugin “Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid.” All versions up to and including 1.16.6 are vulnerable to Remote Code Execution via the cron_interval parameter due to missing input validation/sanitization. Exploitation requir...

7.2CVSS7.2AI score0.01012EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2024/11/26 12:0 a.m.4 views

WordPress plugin Total Upkeep 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

7.2CVSS8.7AI score0.01012EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/11/26 12:0 a.m.6 views

PT-2024-39649 · WordPress · Total Upkeep

Name of the Vulnerable Software and Affected Versions: Total Upkeep – WordPress Backup Plugin plus Restore & Migrate versions up to 1.16.6 Description: The issue is related to the lack of input validation and sanitization, making it possible for authenticated attackers with Administrator-level...

7.2CVSS7.8AI score0.01012EPSS
Exploits0References5
Patchstack
Patchstack
added 2024/11/26 12:0 a.m.16 views

WordPress Total Upkeep Plugin <= 1.16.6 is vulnerable to Remote Code Execution (RCE)

Software Total Upkeep Type Plugin Vulnerable versions = 1.16.6 Fixed in 1.16.7 OWASP Top 10 A1: Injection Classification Remote Code Execution RCE CVE CVE-2024-9461 Patch priority Low CVSS severity Low 9.1 Developer Claim ownership PSID 5d87f5849942 Credits Jonas Benjamin Friedli Required privile...

7.2CVSS7.3AI score0.01012EPSS
Exploits0References3Affected Software1
Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.167 views

WordPress Total Upkeep Unauthenticated Backup Downloader

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress Total Upkeep Unauthenticated Backup Downloader', 'Description' = %q This module exploits an unauthenticated database backup vulnerabili...

7.4AI score
Exploits0
NVD
NVD
added 2024/05/17 9:15 a.m.25 views

CVE-2024-24869

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in BoldGrid Total Upkeep allows Relative Path Traversal.This issue affects Total Upkeep: from n/a through 1.15.8...

7.5CVSS7.5AI score0.00658EPSS
Exploits0References1
OSV
OSV
added 2024/05/17 9:15 a.m.4 views

CVE-2024-24869

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in BoldGrid Total Upkeep allows Relative Path Traversal.This issue affects Total Upkeep: from n/a through 1.15.8...

7.5CVSS5.8AI score
Exploits0References1
Cvelist
Cvelist
added 2024/05/17 8:48 a.m.27 views

CVE-2024-24869 WordPress Total Upkeep plugin <= 1.15.8 - Arbitrary File Download vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in BoldGrid Total Upkeep allows Relative Path Traversal.This issue affects Total Upkeep: from n/a through 1.15.8...

7.5CVSS7.5AI score0.00658EPSS
Exploits0References1
Rows per page
Query Builder