CVE-2025-28954

Cross-Site Request Forgery CSRF vulnerability in wphobby Backwp backwp allows Path Traversal.This issue affects Backwp: from n/a through = 2.0.2...

CVE-2025-28954

CVE-2025-28954 (Backwp) is a CSRF vulnerability in the Backwp plugin for WordPress, affecting versions up to 2.0.2. The CVSS 3.1 base score is 7.4 (HIGH) with network access, require user interaction, and impact limited to availability (C) with availability impact HIGH. Root cause and exact explo...