WordPress Plugin Vulnerabilities

WP Database Backup <= 4.3.5 - Cross-Site Request Forgery (CSRF)

Description

The WP Database Backup WordPress plugin was affected by a Cross-Site Request Forgery (CSRF) security vulnerability.

Affects Plugins

Plugin icon
wp-database-backup
Fixed in 4.3.6

References

URL
https://www.pluginvulnerabilities.com/2016/10/28/vulnerability-details-cross-site-request-forgery-csrf-vulnerability-in-wp-database-backup/
URL
https://plugins.trac.wordpress.org/changeset/1519207

Classification

Type
CSRF
OWASP top 10
A2: Broken Authentication and Session Management
CWE
CWE-352

Miscellaneous

Submitter
Claude Godlewski
Verified
No
WPVDB ID
82e5e687-e45c-405a-a892-b8e3de192f5c

Timeline

Publicly Published
2016-10-28 (about 9 years ago)
Added
2016-11-02 (about 9 years ago)
Last Updated
2019-11-01 (about 6 years ago)

Other

Published
Title
Published
2025-01-06
Title
Transporters.io < 2.1.2 - Stored XSS via CSRF
Published
2021-10-04
Title
Easy PayPal Buy Now Button < 1.7.3 - CSRF to Stored Cross-Site Scripting
Published
2023-10-16
Title
Who Hit The Page – Hit Counter <= 1.4.14.3 - CSRF
Published
2025-09-26
Title
Multilang Contact Form <= 1.5 - Cross-Site Request Forgery
Published
2025-02-24
Title
Namaste! LMS <= 2.6.5 - Cross-Site Request Forgery