Everest Backup < 2.3.6 – Missing Authorization to Unauthenticated Information Exposure | CVE 2025-11380 | Plugin Vulnerabilities

Description

The Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'everest_process_status' AJAX action in all versions up to, and including, 2.3.5. This makes it possible for unauthenticated attackers to retrieve back-up file locations that can be subsequently accessed and downloaded. This does require a back-up to be running in order for an attacker to retrieve the back-up location.

Affects Plugins

Fixed in 2.3.6

References

CVE

URL

https://www.wordfence.com/threat-intel/vulnerabilities/id/869d7cab-cf21-4168-b45d-1681c76d896c

Classification

Type

NO AUTHORISATION

OWASP top 10

A5: Broken Access Control

CWE

CVSS

Miscellaneous

Original Researcher

netranger

Verified

No

WPVDB ID

a1381a31-a523-425e-b7e2-385158bf1c86

Timeline

Publicly Published

2025-10-10 (about 8 months ago)

Added

2025-10-10 (about 8 months ago)

Last Updated

2025-10-11 (about 8 months ago)

Other

Published

Title

Published

2022-03-14

Title

Amelia < 1.0.49 - Customer+ Arbitrary Appointments Status Update

Published

2025-12-11

Title

Email Subscribers & Newsletters < 5.9.11 - Unauthenticated Action Scheduler Task Execution

Published

2025-11-14

Title

All in One SEO < 4.9.0 - Contributor+ Arbitrary Media Deletion

Published

2024-12-14

Title

WooCommerce Basic Ordernumbers <= 1.4.4 - Missing Authorization

Published

2022-01-31

Title

Better Notifications for WP < 1.8.7 - Email Address Disclosure