Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 7:20 p.m.6 views

CVE-2021-24174

The Database Backups WordPress plugin through 1.2.2.6 does not have CSRF checks, allowing attackers to make a logged in user unwanted actions, such as generate backups of the database, change the plugin's settings and delete backups...

8.1CVSS6.7AI score0.03218EPSS
Exploits5References1
Packet Storm
Packet Storm
added 2021/06/11 12:0 a.m.296 views

WordPress Database Backups 1.2.2.6 Cross Site Request Forgery

Exploit Title: WordPress Plugin Database Backups 1.2.2.6 - 'Database Backup Download' CSRF Date: 2/10/2021 Author: 0xB9 Software Link: https://wordpress.org/plugins/database-backups/ Version: 1.2.2.6 Tested on: Windows 10 CVE: CVE-2021-24174 1. Description: This plugin allows admins to create and...

5.8CVSS0.03218EPSS
Exploits5
Exploit DB
Exploit DB
added 2021/06/11 12:0 a.m.410 views

WordPress Plugin Database Backups 1.2.2.6 - 'Database Backup Download' CSRF

Exploit Title: WordPress Plugin Database Backups 1.2.2.6 - 'Database Backup Download' CSRF Date: 2/10/2021 Author: 0xB9 Software Link: https://wordpress.org/plugins/database-backups/ Version: 1.2.2.6 Tested on: Windows 10 CVE: CVE-2021-24174 1. Description: This plugin allows admins to create and...

8.1CVSS8.2AI score0.03218EPSS
Exploits5
CVE
CVE
added 2021/04/05 6:27 p.m.97 views

CVE-2021-24174

The CVE-2021-24174 affects the WordPress Database Backups plugin up to version 1.2.2.6. It lacks CSRF checks, enabling an authenticated attacker to induce a logged-in user to perform actions such as generating database backups, changing plugin settings, or deleting backups. The root cause is CSRF...

8.1CVSS7.9AI score0.03218EPSS
Exploits5References2Affected Software1
Rows per page
Query Builder