VYPR

Bears Backup

by WordPress

CVEs (1)

  • CVE-2025-5396CriJul 17, 2025
    risk 0.64cvss 9.8epss 0.01

    The Bears Backup plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.0.0. This is due to the bbackup_ajax_handle() function not having a capability check, nor validating user supplied input passed directly to call_user_func(). This…