6 matches found
CVE-2024-24869
CVE-2024-24869 affects BoldGrid Total Upkeep (WordPress plugin)
CVE-2025-2257
CVE-2025-2257 affects the Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid for WordPress. Versions up to and including 1.16.10 are vulnerable due to unvalidated compression_level used in proc_open, enabling authenticated administrators to execute code remotely. Wordfence ...
CVE-2024-9461
CVE-2024-9461 affects the WordPress plugin “Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid.” All versions up to and including 1.16.6 are vulnerable to Remote Code Execution via the cron_interval parameter due to missing input validation/sanitization. Exploitation requir...
CVE-2022-4932
CVE-2022-4932 concerns the WordPress plugin Total Upkeep (versions up to and including 1.14.13). The root cause is missing authorization on the heartbeat_received() function triggered by WordPress heartbeat, enabling authenticated users with subscriber-level permissions and above to disclose info...
CVE-2024-13907
CVE-2024-13907 : The BoldGrid WordPress plugin “Total Upkeep” (Backup Plugin plus Restore & Migrate) is vulnerable to Server-Side Request Forgery (SSRF) in all versions up to and including 1.16.8 via the plugin’s download function. An attacker with at least Administrator+ privileges can cause the...
CVE-2020-36848
The CVE-2020-36848 issue affects the BoldGrid BoldGrid’s Total Upkeep – WordPress Backup Plugin plus Restore & Migrate (WordPress) up to version 1.14.9. The vulnerability is a Sensitive Information Exposure via env-info.php and restore-info.json, enabling unauthenticated attackers to discover and...