CVE-2026-3143

The CVE concerns the BoldGrid WordPress plugin component of Total Upkeep – WordPress Backup Plugin plus Restore & Migrate. A missing capability check in wp_ajax_cli_cancel allows unauthenticated users to cancel a pending rollback, enabling unauthorized data modification in all versions up to 1.17...

PT-2026-36323

Name of the Vulnerable Software and Affected Versions Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid versions prior to 1.17.2 Description The plugin is susceptible to unauthorized data modification because the wp ajax cli cancel function lacks a proper capability check...

WordPress plugin Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

WordPress Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid plugin <= 1.17.1 - Missing Authorization to Unauthenticated Rollback Cancellation vulnerability

Missing Authorization to Unauthenticated Rollback Cancellation vulnerability discovered by Nabil Irawan - Heroes Cyber Security in WordPress Plugin Total Upkeep versions = 1.17.1...