53 matches found
WordPress EZ SQL Reports Shortcode Widget and DB Backup plugin 4.11.13-5.25.08 - CSRF to RCE vulnerability
CSRF to RCE vulnerability discovered by luckybuddy in WordPress Plugin EZ SQL Reports Shortcode Widget and DB Backup versions 4.11.13-5.25.08...
WordPress plugin EZ SQL Reports Shortcode Widget and DB Backup 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...
CVE-2025-26887
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Eli EZ SQL Reports Shortcode Widget and DB Backup elisqlreports allows Stored XSS.This issue affects EZ SQL Reports Shortcode Widget and DB Backup: from n/a through = 5.21.35...
CVE-2025-26887
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Eli EZ SQL Reports Shortcode Widget and DB Backup elisqlreports allows Stored XSS.This issue affects EZ SQL Reports Shortcode Widget and DB Backup: from n/a through = 5.21.35...
CVE-2025-26887 WordPress EZ SQL Reports Shortcode Widget and DB Backup plugin <= 5.21.35 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Eli EZ SQL Reports Shortcode Widget and DB Backup elisqlreports allows Stored XSS.This issue affects EZ SQL Reports Shortcode Widget and DB Backup: from n/a through = 5.21.35...
CVE-2025-26887
CVE-2025-26887 is a Stored XSS in EZ SQL Reports Shortcode Widget and DB Backup for WordPress. Affected: EZ SQL Reports Shortcode Widget and DB Backup (vulnerable range up to 5.21.35). Root cause per description: Improper Neutralization of Input During Web Page Generation (XSS). Impact details in...
WordPress plugin EZ SQL Reports Shortcode Widget and DB Backup 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
WordPress EZ SQL Reports Shortcode Widget and DB Backup plugin <= 5.21.35 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin EZ SQL Reports Shortcode Widget and DB Backup versions = 5.21.35...
CVE-2022-0833
The Church Admin WordPress plugin before 3.4.135 does not have authorisation and CSRF in some of its action as well as requested files, allowing unauthenticated attackers to repeatedly request the "refresh-backup" action, and simultaneously keep requesting a publicly accessible temporary file...
CVE-2014-10076
CVE-2014-10076 affects the WordPress plugin WP-DB-Backup (v2.2.4). The vulnerability arises because access control relies on a five-character string, enabling remote attackers to read backup archives via brute-force. Documents consistently describe this as a credential/authorization weakness allo...
studio.dopetv.ng Improper Access Control vulnerability
Open Bug Bounty ID: OBB-675904 Description| Value ---|--- Affected Website:| studio.dopetv.ng Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| IAC Improper Access Control / CWE-284 CVSSv3 Score:| 6.5...
WordPress EZ SQL Reports Shortcode Widget and DB Backup SQL Injection
SQL Injection vulnerability in WordPress EZ SQL Reports Shortcode Widget and DB Backup plugin shortcode parameter Vulnerability Type: SQL Injection For the exploit source code contact DSquare Security sales team...
WordPress EZ SQL Reports Shortcode Widget and DB Backup RCE
Remote command execution vulnerability in WordPress EZ SQL Reports Shortcode Widget and DB Backup plugin shortcode parameter Vulnerability Type: Remote Command Execution For the exploit source code contact DSquare Security sales team...
CVE-2015-9230
The CVE-2015-9230 entry relates to the BulletProof Security WordPress plugin. Affected component: admin/db-backup-security/db-backup-security.php. Root cause: cross-site scripting (XSS) vulnerability via the DBTablePrefix parameter in plugin versions prior to 0.52.5, exploitable by remote authent...
WordPress DB Backup Plugin 任意文件下载
No description provided by source...
WordPress DB-Backup Plugin 4.5 /download.php 任意文件下载漏洞
No description provided by source...
CVE-2014-9119
Directory traversal vulnerability in download.php in the DB Backup plugin 4.5 and earlier for Wordpress allows remote attackers to read arbitrary files via a .. dot dot in the file parameter...
Directory traversal
Directory traversal vulnerability in download.php in the DB Backup plugin 4.5 and earlier for Wordpress allows remote attackers to read arbitrary files via a .. dot dot in the file parameter...
CVE-2014-9119
CVE-2014-9119 affects WordPress DB Backup Plugin (version 4.5 and earlier). A local file inclusion / directory traversal flaw exists in download.php, permitting an attacker to read arbitrary server files by manipulating the file parameter (e.g., via path traversal). The NUCLEI template and relate...
CVE-2014-9119
Directory traversal vulnerability in download.php in the DB Backup plugin 4.5 and earlier for Wordpress allows remote attackers to read arbitrary files via a .. dot dot in the file parameter...