High severity8.1NVD Advisory· Published Apr 5, 2021· Updated Jun 17, 2026
CVE-2021-24174
CVE-2021-24174
Description
The Database Backups WordPress plugin through 1.2.2.6 does not have CSRF checks, allowing attackers to make a logged in user unwanted actions, such as generate backups of the database, change the plugin's settings and delete backups.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/Database Backupsdescription
- Range: <=1.2.2.6
Patches
Vulnerability mechanics
References
2- packetstormsecurity.com/files/163091/WordPress-Database-Backups-1.2.2.6-Cross-Site-Request-Forgery.htmlnvdExploitThird Party AdvisoryVDB Entry
- wpscan.com/vulnerability/350c3e9a-bcc2-486a-90e6-d1dc13ce1bd5nvdThird Party Advisory
News mentions
0No linked articles in our index yet.