137 matches found
WordPress Backup Migration 1.3.7 - Remote Command Execution
Exploit Title: WordPress Backup Migration 1.3.7 - Remote Command Execution Date: 2025-10-26 Exploit Author: DANG Vendor Homepage: https://backupbliss.com/ Software Link: https://wordpress.org/plugins/backup-backup/ Version: Backup Migration ≤1.3.7 Tested on: LINUX CVE : CVE-2023-6553 This module...
CVE-2025-15041
The BackWPup – WordPress Backup & Restore Plugin plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the savesiteoption function in all versions up to, and including, 5.6.2. This makes it possible for...
WordPress Backup Migration plugin <= 1.3.9 - Authenticated (Admin+) OS Command Injection via url vulnerability
Authenticated Admin+ OS Command Injection via url vulnerability discovered by Françoa Taffarel in WordPress Plugin Backup Migration versions = 1.3.9...
PT-2026-6629
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in WebRTC allows a remote attacker to leak cross-origin data through the use of a crafted HTML page. WebRTC Web Real-Time Communication is a technology...
EUVD-2025-35914
The BackWPup – WordPress Backup & Restore Plugin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'backwpupworking' AJAX action in all versions up to, and including, 5.5.0. This makes it possible for authenticated attackers, with...
CVE-2025-10579
CVE-2025-10579 affects the BackWPup – WordPress Backup & Restore Plugin for WordPress. The root cause is a missing capability check on the Ajax action backwpup_working, allowing authenticated users with Subscriber-level access or higher to retrieve a backup file name while a backup is running. Im...
PT-2025-43699
Name of the Vulnerable Software and Affected Versions BackWPup – WordPress Backup & Restore Plugin versions prior to 5.5.1 Description The BackWPup – WordPress Backup & Restore Plugin for WordPress is susceptible to unauthorized data access. A missing capability check on the backwpup working AJAX...
WordPress Backup Bolt plugin Arbitrary File Download Vulnerability
WordPress Backup Bolt plugin is a backup plugin for WordPress websites, mainly used to automate the backup of website data including files, databases, etc., and support the recovery function. WordPress Backup Bolt plugin has an arbitrary file download vulnerability, which stems from a flaw in the...
EUVD-2021-12001
Malware in sbrugna...
EUVD-2020-30799
Malware in sbrugna...
EUVD-2020-24109
Malware in sbrugna...
EUVD-2023-37181
Malicious code in bioql PyPI...
EUVD-2024-46750
Malicious code in bioql PyPI...
EUVD-2023-49928
Malicious code in bioql PyPI...
EUVD-2023-56381
Malicious code in bioql PyPI...
EUVD-2023-58368
Malicious code in bioql PyPI...
EUVD-2023-56856
Malicious code in bioql PyPI...
EUVD-2025-8110
Malicious code in bioql PyPI...
EUVD-2023-59385
Malicious code in bioql PyPI...
EUVD-2025-31692
Malicious code in bioql PyPI...