5 matches found
Exploit for CVE-2026-10795
CVE Lab: CVE-2026-10795 - UpdraftPlus UpdraftCentral RPC Authe...
CVE-2026-10795 UpdraftPlus: WP Backup & Migration Plugin <= 1.26.4 - Unauthenticated Authentication Bypass via UpdraftCentral udrpc
The UpdraftPlus: WP Backup & Migration Plugin plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.26.4 via the UpdraftPlusRemoteCommunicationsV2::wploaded function. This is due to insufficient validation of the remote communications message format,...
WordPress UpdraftPlus: WP Backup & Migration Plugin <= 1.26.4 - Unauthenticated Authentication Bypass via UpdraftCentral udrpc vulnerability
Unauthenticated Authentication Bypass via UpdraftCentral udrpc vulnerability discovered by vtim in WordPress Plugin UpdraftPlus versions = 1.26.4...
Critical Unauthenticated Authentication Bypass Vulnerability Patched in UpdraftPlus WordPress Plugin
On June 2nd, 2026, we received a submission for a critical Unauthenticated Authentication Bypass vulnerability in UpdraftPlus, a WordPress plugin with more than 3 million active installations. Although the plugin has such a large install base, the vulnerability is only exploitable on sites that...
PT-2026-48532
Name of the Vulnerable Software and Affected Versions UpdraftPlus: WP Backup & Migration Plugin versions prior to 1.26.5 Description An authentication bypass exists in the UpdraftPlus Remote Communications V2::wp loaded function due to insufficient validation of the remote communications message...