2 matches found
CVE-2025-5396
CVE-2025-5396 affects the Bears Backup plugin for WordPress (all versions up to 2.0.0). Root cause: bbackup_ajax_handle() lacks a capability check and passes unsanitized input directly to call_user_func(), enabling unauthenticated remote code execution. Impact includes potential backdoors or crea...
WordPress Bears Backup plugin <= 2.0.0 - Unauthenticated Remote Code Execution vulnerability
Unauthenticated Remote Code Execution vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin Bears Backup versions = 2.0.0...