VYPR

Backup Bolt

by WordPress

Source repositories

CVEs (3)

  • CVE-2025-49040MedAug 27, 2025
    risk 0.28cvss 4.3epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in Backup Bolt Backup Bolt backup-bolt allows Cross Site Request Forgery.This issue affects Backup Bolt: from n/a through <= 1.5.0.

  • CVE-2025-10306LowOct 3, 2025
    risk 0.25cvss 3.8epss 0.00

    The Backup Bolt plugin for WordPress is vulnerable to arbitrary file downloads and backup location writes in all versions up to, and including, 1.4.1 via the process_backup_batch() function. This makes it possible for authenticated attackers, with Administrator-level access and…

  • CVE-2023-7236Mar 18, 2024
    risk 0.00cvss epss 0.01

    The Backup Bolt WordPress plugin through 1.3.0 is vulnerable to Information Exposure via the unprotected access of debug logs. This makes it possible for unauthenticated attackers to retrieve the debug log which may contain information like system errors which could contain…