265 matches found
CVE-2025-26887 WordPress EZ SQL Reports Shortcode Widget and DB Backup plugin <= 5.21.35 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Eli EZ SQL Reports Shortcode Widget and DB Backup elisqlreports allows Stored XSS.This issue affects EZ SQL Reports Shortcode Widget and DB Backup: from n/a through = 5.21.35...
CVE-2020-35950
An issue was discovered in the XCloner Backup and Restore plugin before 4.2.153 for WordPress. It allows CSRF via almost any endpoint...
CVE-2024-10028
The Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.2.13 via the exposed process stats file during the backup process. This makes it possible for unauthenticat...
CVE-2024-9461
The Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.16.6 via the croninterval parameter. This is due to missing input validation and sanitization. This makes it possible f...
WordPress plugin WP Database Backup 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...
PT-2025-1781 · WordPress · Backup/Restore Wordpress – Backup Plugin
Name of the Vulnerable Software and Affected Versions: Backup and Restore WordPress – Backup Plugin versions up to 1.50 Description: The issue is related to Cross-Site Request Forgery, which is possible due to missing or incorrect nonce validation in the ajax queue manual backup function. This...
CVE-2024-9290
The Super Backup & Clone - Migrate for WordPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation and a missing capability check on the ibkrestoremigratecheck function in all versions up to, and including, 2.3.3. This makes it possible for...
CVE-2023-28165
CVE-2023-28165 = Broken Access Control in Backup Bank: WordPress Backup Plugin (versions
CVE-2024-9461
The Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.16.6 via the croninterval parameter. This is due to missing input validation and sanitization. This makes it possible f...
CVE-2024-9461
The Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.16.6 via the croninterval parameter. This is due to missing input validation and sanitization. This makes it possible f...
CVE-2024-9461
CVE-2024-9461 affects the WordPress plugin “Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid.” All versions up to and including 1.16.6 are vulnerable to Remote Code Execution via the cron_interval parameter due to missing input validation/sanitization. Exploitation requir...
CVE-2024-52390 WordPress CYAN Backup plugin <= 2.5.3 - Arbitrary File Download vulnerability
Path Traversal: '.../...//' vulnerability in Greg Ross CYAN Backup cyan-backup allows Path Traversal.This issue affects CYAN Backup: from n/a through = 2.5.3...
CVE-2024-34015
Sensitive information disclosure during file browsing due to improper symbolic link handling. The following products are affected: Acronis Backup plugin for cPanel & WHM Linux before build 1.8.3.818, Acronis Backup plugin for cPanel & WHM Linux before build 1.9.1.892...
CVE-2024-34015
Sensitive information disclosure during file browsing due to improper symbolic link handling. The following products are affected: Acronis Backup plugin for cPanel & WHM Linux before build 1.8.3.818, Acronis Backup plugin for cPanel & WHM Linux before build 1.9.1.892...
CVE-2024-34015
Sensitive information disclosure during file browsing due to improper symbolic link handling. The following products are affected: Acronis Backup plugin for cPanel & WHM Linux before build 1.8.3.818, Acronis Backup plugin for cPanel & WHM Linux before build 1.9.1.892...
CVE-2024-34015
CVE-2024-34015 involves a sensitive information disclosure in the Acronis Backup plugin for cPanel & WHM (Linux) due to improper symbolic-link handling. Affected versions are: plugin builds prior to 1.8.3.818 and prior to 1.9.1.892. The vulnerability enables information disclosure during file bro...
WordPress CYAN Backup Plugin <= 2.5.3 is vulnerable to Arbitrary File Download
Software CYAN Backup Type Plugin Vulnerable versions = 2.5.3 Fixed in 2.5.4 OWASP Top 10 A1: Broken Access Control Classification Arbitrary File Download CVE CVE-2024-52390 Patch priority Low CVSS severity Low 4.9 Developer Claim ownership PSID b0f12165e19f Credits Junsu Yeo Required privilege...
Acronis Backup plugin for cPanel & WHM (Linux) 安全漏洞
Acronis Backup plugin for cPanel & WHM Linux is a plugin from Acronis Switzerland. A security vulnerability exists in Acronis Backup plugin for cPanel & WHM Linux versions prior to 818, which stems from improper handling of symbolic links, resulting in the disclosure of sensitive information duri...
PT-2024-25641 · Acronis · Acronis Backup Plugin For Cpanel & Whm
Name of the Vulnerable Software and Affected Versions: Acronis Backup plugin for cPanel & WHM Linux versions prior to build 818 Description: The issue is related to sensitive information disclosure during file browsing due to improper symbolic link handling. This can lead to unauthorized access a...
Exploit for CVE-2023-6553
CVE-2023-6553 Exploit Development for CVE-2023-6553 on Backup...