Search Results (5 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2021-47979 3 Miniorange, Wordpress, Wpbackitup 3 Backup And Restore, Wordpress, Backup And Restore Wordpress 2026-07-15 8.8 High
WordPress Plugin Backup and Restore 1.0.3 contains an arbitrary file deletion vulnerability that allows authenticated attackers to delete files by manipulating parameters in AJAX requests. Attackers can send POST requests to admin-ajax.php with crafted file_name and folder_name parameters to delete arbitrary files from the WordPress installation directory.
CVE-2024-43268 2 Wordpress, Wpbackitup 2 Wordpress, Backup And Restore Wordpress 2026-04-15 5.4 Medium
Access Control vulnerability in WPBackItUp Backup and Restore WordPress allows . This issue affects Backup and Restore WordPress: from n/a through 1.50.
CVE-2024-43270 1 Wpbackitup 1 Wp Backitup 2026-04-15 5.3 Medium
Missing Authorization vulnerability in WPBackItUp Backup and Restore WordPress allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Backup and Restore WordPress: from n/a through 1.50.
CVE-2023-7232 1 Wpbackitup 1 Backup And Restore Wordpress 2025-05-07 5.3 Medium
The Backup and Restore WordPress WordPress plugin through 1.45 does not protect some log files containing sensitive information such as site configuration etc, allowing unauthenticated users to access such data
CVE-2024-43269 1 Wpbackitup 1 Backup And Restore Wordpress 2024-09-12 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in WPBackItUp Backup and Restore WordPress.This issue affects Backup and Restore WordPress: from n/a through 1.50.