VYPR

Wp Db Backup

by WordPress

Source repositories

CVEs (4)

  • CVE-2014-10076HigOct 5, 2018
    risk 0.49cvss 7.5epss 0.02

    The wp-db-backup plugin 2.2.4 for WordPress relies on a five-character string for access control, which makes it easier for remote attackers to read backup archives via a brute-force attack.

  • CVE-2026-4031HigMay 14, 2026
    risk 0.42cvss 7.5epss 0.00

    The Database Backup for WordPress plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.5.2. This is due to the plugin not restricting access to the wp_db_temp_dir parameter, which controls where database backups are written. This…

  • CVE-2014-9119Dec 31, 2014
    risk 0.04cvss epss 0.16

    Directory traversal vulnerability in download.php in the DB Backup plugin 4.5 and earlier for Wordpress allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.

  • CVE-2006-4208Aug 17, 2006
    risk 0.04cvss epss 0.12

    Directory traversal vulnerability in wp-db-backup.php in Skippy WP-DB-Backup plugin for WordPress 1.7 and earlier allows remote authenticated users with administrative privileges to read arbitrary files via a .. (dot dot) in the backup parameter to edit.php.