Lucene search
K

115 matches found

Cvelist
Cvelist
added yesterday32 views

CVE-2026-8996 Backup and Staging by WP Time Capsule <= 1.22.26 - Missing Authorization to Authenticated (Subscriber+) Sensitive Information Exposure via download_recent_decrypted_file_wptc Function

The Backup and Staging by WP Time Capsule plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.22.26 via the downloadrecentdecryptedfilewptc. This makes it possible for authenticated attackers, with subscriber-level access and above, to...

6.5CVSS0.0027EPSS
Exploits0References8
CVE
CVE
added yesterday11 views

CVE-2026-8996

The CVE-2026-8996 entry describes a Sensitive Information Exposure in the WordPress plugin “Backup and Staging by WP Time Capsule” up to version 1.22.26. The flaw is exposed via download_recent_decrypted_file_wptc, enabling authenticated users with subscriber-level access (or higher) to obtain th...

6.5CVSS5.8AI score0.0027EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added yesterday4 views

CVE-2026-8996

The Backup and Staging by WP Time Capsule plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.22.26 via the downloadrecentdecryptedfilewptc. This makes it possible for authenticated attackers, with subscriber-level access and above, to...

6.5CVSS5.8AI score0.0027EPSS
Exploits0References9
NVD
NVD
added 2026/06/20 2:16 p.m.11 views

CVE-2020-37255

WordPress Time Capsule Plugin 1.21.16 contains an authentication bypass vulnerability that allows unauthenticated attackers to gain administrative access by sending a crafted POST request with the IWPJSONPREFIX header. Attackers can exploit this flaw to obtain valid administrator session cookies...

8.7CVSS0.00398EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/20 1:36 p.m.8 views

EUVD-2020-31256

WordPress Time Capsule Plugin 1.21.16 contains an authentication bypass vulnerability that allows unauthenticated attackers to gain administrative access by sending a crafted POST request with the IWPJSONPREFIX header. Attackers can exploit this flaw to obtain valid administrator session cookies...

8.7CVSS5.9AI score0.00398EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/20 1:36 p.m.28 views

CVE-2020-37255 WordPress Time Capsule Plugin 1.21.16 Authentication Bypass

WordPress Time Capsule Plugin 1.21.16 contains an authentication bypass vulnerability that allows unauthenticated attackers to gain administrative access by sending a crafted POST request with the IWPJSONPREFIX header. Attackers can exploit this flaw to obtain valid administrator session cookies...

8.7CVSS0.00398EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/20 1:36 p.m.8 views

CVE-2020-37255

WordPress Time Capsule Plugin 1.21.16 contains an authentication bypass vulnerability that allows unauthenticated attackers to gain administrative access by sending a crafted POST request with the IWPJSONPREFIX header. Attackers can exploit this flaw to obtain valid administrator session cookies...

8.7CVSS5.9AI score0.00398EPSS
Exploits0References3
CVE
CVE
added 2026/06/20 1:36 p.m.30 views

CVE-2020-37255

CVE-2020-37255 affects WordPress Time Capsule Plugin version 1.21.16. The vulnerability is an authentication bypass that lets unauthenticated attackers craft a POST request containing the IWP_JSON_PREFIX header to obtain a valid administrator session cookie and gain access to the WordPress dashbo...

8.7CVSS5.9AI score0.00398EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/20 12:0 a.m.14 views

PT-2026-51140

Name of the Vulnerable Software and Affected Versions WordPress Time Capsule Plugin version 1.21.16 Description An authentication bypass allows unauthenticated attackers to gain administrative access by sending a crafted POST request containing the IWP JSON PREFIX header. This flaw enables the...

8.7CVSS5.9AI score0.00398EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2026/06/05 7:16 p.m.10 views

CVE-2026-42760

Authentication Bypass Using an Alternate Path or Channel vulnerability in revmakx Backup and Staging by WP Time Capsule wp-time-capsule allows Password Recovery Exploitation.This issue affects Backup and Staging by WP Time Capsule: from n/a through = 1.22.25...

7.5CVSS5.4AI score0.00291EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/05/30 8:40 p.m.13 views

WordPress Backup and Staging by WP Time Capsule plugin <= 1.22.25 - Broken Authentication vulnerability

Broken Authentication vulnerability discovered by dodoh4t in WordPress Plugin Backup and Staging by WP Time Capsule versions = 1.22.25...

7.5CVSS5.8AI score0.00291EPSS
Exploits0Affected Software1
NVD
NVD
added 2026/05/27 11:16 a.m.11 views

CVE-2026-42760

Authentication Bypass Using an Alternate Path or Channel vulnerability in revmakx Backup and Staging by WP Time Capsule wp-time-capsule allows Password Recovery Exploitation.This issue affects Backup and Staging by WP Time Capsule: from n/a through = 1.22.25...

7.5CVSS0.00291EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/27 9:49 a.m.8 views

CVE-2026-42760

Authentication Bypass Using an Alternate Path or Channel vulnerability in revmakx Backup and Staging by WP Time Capsule wp-time-capsule allows Password Recovery Exploitation.This issue affects Backup and Staging by WP Time Capsule: from n/a through = 1.22.25...

7.5CVSS5.8AI score0.00291EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/27 9:49 a.m.35 views

CVE-2026-42760 WordPress Backup and Staging by WP Time Capsule plugin <= 1.22.25 - Broken Authentication vulnerability

Authentication Bypass Using an Alternate Path or Channel vulnerability in revmakx Backup and Staging by WP Time Capsule wp-time-capsule allows Password Recovery Exploitation.This issue affects Backup and Staging by WP Time Capsule: from n/a through = 1.22.25...

7.5CVSS0.00291EPSS
Exploits0References1
CVE
CVE
added 2026/05/27 9:49 a.m.30 views

CVE-2026-42760

CVE-2026-42760 concerns the WordPress plugin “Backup and Staging by WP Time Capsule” (revmakx) where the vulnerability enables an authentication bypass via an alternate path or channel, enabling password-recovery exploitation. Affected: wp-time-capsule plugin versions from n/a up to and including...

7.5CVSS5.8AI score0.00291EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.9 views

WordPress plugin Backup and Staging by WP Time Capsule 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

7.5CVSS5.8AI score0.00291EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.16 views

PT-2026-43668

Authentication Bypass Using an Alternate Path or Channel vulnerability in revmakx Backup and Staging by WP Time Capsule wp-time-capsule allows Password Recovery Exploitation.This issue affects Backup and Staging by WP Time Capsule: from n/a through = 1.22.25...

7.5CVSS5.8AI score0.00291EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2026/02/04 6:5 p.m.144 views

Exploit for Unrestricted Upload of File with Dangerous Type in Revmakx Backup_And_Staging_By_Wp_Time_Capsule

...

9.8CVSS5.3AI score0.93709EPSS
Exploits7
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2010-0987

Malware in sbrugna...

5CVSS6.4AI score0.01246EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2010-1824

Malware in sbrugna...

7.1CVSS6.4AI score0.0139EPSS
Exploits0References4
Rows per page
Query Builder