CVE-2016-10875

The wp-database-backup plugin before 4.3.1 for WordPress has XSS...

CVE-2020-7241

The WP Database Backup plugin through 5.5 for WordPress stores downloads by default locally in the directory wp-content/uploads/db-backup/. This might allow attackers to read ZIP archives by guessing random ID numbers, guessing date strings with a 20200..10..20..30..9 format, guessing UNIX...

EUVD-2016-1867

Malware in sbrugna...

CVE-2019-25224 WP Database Backup < 5.2 - Unauthenticated OS Command Injection

The WP Database Backup plugin for WordPress is vulnerable to OS Command Injection in versions before 5.2 via the mysqldump function. This vulnerability allows unauthenticated attackers to execute arbitrary commands on the host operating system...

CVE-2022-2271

The WP Database Backup WordPress plugin before 5.9 does not escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2019-14949

The wp-database-backup plugin before 5.1.2 for WordPress has XSS...

CVE-2016-10876

The wp-database-backup plugin before 4.3.1 for WordPress has CSRF...

CVE-2024-12330

The WP Database Backup – Unlimited Database & Files Backup by Backup for WP plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7.3 via publicly accessible back-up files. This makes it possible for unauthenticated attackers to extract sensiti...

CVE-2024-12330

CVE-2024-12330 applies to WP Database Backup – Unlimited Database & Files Backup by Backup for WP (WordPress). The vulnerability enables Sensitive Information Exposure via publicly accessible backup files in all versions up to 7.3, allowing unauthenticated attackers to extract database data. Root...

CVE-2024-12330 WP Database Backup – Unlimited Database & Files Backup by Backup for WP <= 7.3 - Unauthenticated Database Back-Up Exposure

The WP Database Backup – Unlimited Database & Files Backup by Backup for WP plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7.3 via publicly accessible back-up files. This makes it possible for unauthenticated attackers to extract sensiti...

CVE-2022-2271

The WP Database Backup WordPress plugin before 5.9 does not escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2022-2271

CVE-2022-2271 concerns the WP Database Backup WordPress plugin datamodel. The provided documents confirm that versions prior to 5.9 fail to escape certain settings, enabling stored cross-site scripting (Stored XSS) by high-privilege users (e.g., admins) when the unfiltered_html capability is disa...

WordPress plugin WP Database Backup 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

PT-2022-15646 · WordPress · Wp Database Backup

Name of the Vulnerable Software and Affected Versions: WP Database Backup WordPress plugin versions prior to 5.9 Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks when the unfiltered html capability is disallowed, for example in a...

CVE-2020-7241

The CVE concerns the WordPress WP Database Backup plugin (affected through 5.5, with related OpenVAS entry for

WordPress wp-database-backup plugin cross-site request forgery vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. wp-database-backup plugin is a database backup and restore plugin used in it. A cross-site request forgery vulnerability...

WordPress wp-database-backup plugin cross-site scripting vulnerability (CNVD-2019-27696)

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. wp-database-backup plugin is a database backup and restore plugin used in it. A cross-site scripting vulnerability exists i...

WordPress wp-database-backup plugin cross-site scripting vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. wp-database-backup plugin is a database backup and restore plugin used in it. A cross-site scripting vulnerability exists i...

WordPress wp-database-backup plugin cross-site request forgery vulnerability (CNVD-2019-27694)

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. wp-database-backup plugin is a database backup and restore plugin used in it. A cross-site request forgery vulnerability...

CVE-2019-14949

The wp-database-backup plugin before 5.1.2 for WordPress has XSS...