Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wpseeds wp database backup vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-2271
The WP Database Backup WordPress plugin prior to 5.9 does not escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed (for example in multisite setup)
Wpseeds Wp Database Backup
5
CVSSv2
CVE-2020-7241
The WP Database Backup plugin up to and including 5.5 for WordPress stores downloads by default locally in the directory wp-content/uploads/db-backup/. This might allow malicious users to read ZIP archives by guessing random ID numbers, guessing date strings with a 2020_{0..1}{0....
Wpseeds Wp Database Backup
1 Github repository
4.3
CVSSv2
CVE-2019-14949
The wp-database-backup plugin prior to 5.1.2 for WordPress has XSS.