63 matches found
JetBackup <= 2.0.9.7 - Sensitive Information Exposure via Directory Listing
JetBackup WordPress plugin = 2.0.9.9 does not use index files to prevent directory listing in certain configurations, letting malicious actors leak backup files, exploit requires access to the web server. id: CVE-2023-7165 info: name: JetBackup = 2.0.9.7 - Sensitive Information Exposure via...
CVE-2026-4853
The JetBackup – Backup, Restore & Migrate plugin for WordPress is vulnerable to Path Traversal leading to Arbitrary Directory Deletion in versions up to and including 3.1.19.8. This is due to insufficient input validation on the fileName parameter in the file upload handler. The plugin sanitizes...
EUVD-2026-23354
The JetBackup – Backup, Restore & Migrate plugin for WordPress is vulnerable to Path Traversal leading to Arbitrary Directory Deletion in versions up to and including 3.1.19.8. This is due to insufficient input validation on the fileName parameter in the file upload handler. The plugin sanitizes...
CVE-2026-4853
The JetBackup – Backup, Restore & Migrate plugin for WordPress is vulnerable to Path Traversal leading to Arbitrary Directory Deletion in versions up to and including 3.1.19.8. This is due to insufficient input validation on the fileName parameter in the file upload handler. The plugin sanitizes...
CVE-2026-4853 JetBackup <= 3.1.19.8 - Authenticated (Administrator+) Arbitrary Directory Deletion via Path Traversal in 'fileName' Parameter
The JetBackup – Backup, Restore & Migrate plugin for WordPress is vulnerable to Path Traversal leading to Arbitrary Directory Deletion in versions up to and including 3.1.19.8. This is due to insufficient input validation on the fileName parameter in the file upload handler. The plugin sanitizes...
CVE-2026-4853
The JetBackup – Backup, Restore & Migrate plugin for WordPress is vulnerable to Path Traversal leading to Arbitrary Directory Deletion in versions up to and including 3.1.19.8. This is due to insufficient input validation on the fileName parameter in the file upload handler. The plugin sanitizes...
CVE-2026-4853
CVE-2026-4853 (JetBackup
CVE-2026-4853 JetBackup <= 3.1.19.8 - Authenticated (Administrator+) Arbitrary Directory Deletion via Path Traversal in 'fileName' Parameter
The JetBackup – Backup, Restore & Migrate plugin for WordPress is vulnerable to Path Traversal leading to Arbitrary Directory Deletion in versions up to and including 3.1.19.8. This is due to insufficient input validation on the fileName parameter in the file upload handler. The plugin sanitizes...
WordPress JetBackup plugin <= 3.1.19.8 - Authenticated (Administrator+) Arbitrary Directory Deletion via Path Traversal in 'fileName' Parameter vulnerability
Authenticated Administrator+ Arbitrary Directory Deletion via Path Traversal in 'fileName' Parameter vulnerability discovered by lucsob in WordPress Plugin Backup Guard versions = 3.1.19.8...
WordPress plugin JetBackup – Backup, Restore & Migrate 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
PT-2026-33402
The JetBackup – Backup, Restore & Migrate plugin for WordPress is vulnerable to Path Traversal leading to Arbitrary Directory Deletion in versions up to and including 3.1.19.8. This is due to insufficient input validation on the fileName parameter in the file upload handler. The plugin sanitizes...
PT-2026-6629
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in WebRTC allows a remote attacker to leak cross-origin data through the use of a crafted HTML page. WebRTC Web Real-Time Communication is a technology...
EUVD-2020-24109
Malware in sbrugna...
EUVD-2020-24111
Malware in sbrugna...
EUVD-2020-24110
Malware in sbrugna...
EUVD-2022-37163
Malicious code in bioql PyPI...
CVE-2023-7165
The JetBackup WordPress plugin before 2.0.9.9 doesn't use index files to prevent public directory listing of sensitive directories in certain configurations, which allows malicious actors to leak backup files...
CVE-2022-34148
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in JetBackup JetBackup – WP Backup, Migrate & Restore plugin = 1.6.9.0 versions...
CVE-2020-36667
The JetBackup – WP Backup, Migrate & Restore plugin for WordPress is vulnerable to unauthorized back-up location changes in versions up to, and including 1.4.1 due to a lack of proper capability checking on the backupguardclouddropbox, backupguardcloudgdrive, and backupguardcloudoneDrive function...
CVE-2020-36668
The JetBackup – WP Backup, Migrate & Restore plugin for WordPress is vulnerable to sensitive information disclosure in versions up to, and including, 1.4.0 due to a lack of proper capability checking on the backupguardgetmanualmodal function called via an AJAX action. This makes it possible for...