High severity7.2NVD Advisory· Published Mar 1, 2025· Updated Apr 15, 2026
CVE-2024-13911
CVE-2024-13911
Description
The Database Backup and check Tables Automated With Scheduler 2024 plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.35 via the /dashboard/backup.php file. This makes it possible for authenticated attackers, with Administrator-level access and above, to extract sensitive data including full database credentials.
Affected products
1- Range: <=2.35
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
7- plugins.trac.wordpress.org/browser/database-backup/trunk/dashboard/backup.phpnvd
- plugins.trac.wordpress.org/browser/database-backup/trunk/dashboard/backup.phpnvd
- plugins.trac.wordpress.org/browser/database-backup/trunk/dashboard/backup.phpnvd
- plugins.trac.wordpress.org/browser/database-backup/trunk/dashboard/backup.phpnvd
- plugins.trac.wordpress.org/browser/database-backup/trunk/dashboard/backup.phpnvd
- plugins.trac.wordpress.org/changeset/3247917/nvd
- www.wordfence.com/threat-intel/vulnerabilities/id/c548b70a-8566-4aaf-a3a2-fce6c19e6a0cnvd
News mentions
0No linked articles in our index yet.