CVE-2026-1104 FastDup – Fastest WordPress Migration & Duplicator <= 2.7.1 - Missing Authorization to Authenticated (Contributor+) Backup Creation and Download

The FastDup – Fastest WordPress Migration & Duplicator plugin for WordPress is vulnerable to unauthorized backup creation and download due to a missing capability check on REST API endpoints in all versions up to, and including, 2.7.1. This makes it possible for authenticated attackers, with...

CVE-2021-24172

The VM Backups WordPress plugin through 1.0 does not have CSRF checks, allowing attackers to make a logged in user unwanted actions, such as generate backups of the DB, plugins, and current...

Cross-site request forgery vulnerability in douPHP backend

Douphp is a lightweight enterprise website management system, based on PHP+Mysql architecture, running on Linux, Windows, MacOSX, Solaris and other platforms. douPHP backend there is a cross-site request forgery vulnerability , due to the backend backup function is not done at the token validatio...

FreeBSD : nwclient -- multiple vulnerabilities (d177d9f9-e317-11d9-8088-00123f0f7307)

Insecure file permissions, network access control and DNS usage put systems that use Legato NetWorker at risk. When the software is running, several files that contain sensitive information are created with insecure permissions. The information exposed include passwords and can therefore be used...

nwclient -- multiple vulnerabilities

Insecure file permissions, network access control and DNS usage put systems that use Legato NetWorker at risk. When the software is running, several files that contain sensitive information are created with insecure permissions. The information exposed include passwords and can therefore be used...