WordPress Plugin Vulnerabilities
WP Database Backup < 7.4 - Unauthenticated Database Back-Up Exposure
Description
The plugin is vulnerable to Sensitive Information Exposure via publicly accessible back-up files. This makes it possible for unauthenticated attackers to extract sensitive data including all information stored in the database.
Affects Plugins
Fixed in 7.4 References
Classification
Type
SENSITIVE DATA DISCLOSURE
OWASP top 10
CWE
CVSS
Miscellaneous
Original Researcher
Noah Stead (TurtleBurg)
Verified
No
WPVDB ID
Timeline
Publicly Published
2025-01-08 (about 1 year ago)
Added
2025-01-13 (about 1 year ago)
Last Updated
2025-01-13 (about 1 year ago)
WPScan 