VYPR

Database Toolset

by WordPress

Source repositories

CVEs (3)

  • CVE-2025-3065CriApr 24, 2025
    risk 0.59cvss 9.1epss 0.01

    The Database Toolset plugin is vulnerable to arbitrary file deletion due to insufficient file path validation in a function in all versions up to, and including, 1.8.4. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily…

  • CVE-2025-32633HigApr 11, 2025
    risk 0.56cvss 8.6epss 0.01

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in neoslab Database Toolset database-toolset allows Path Traversal.This issue affects Database Toolset: from n/a through <= 1.8.4.

  • CVE-2025-4222MedMay 3, 2025
    risk 0.38cvss 5.9epss 0.00

    The Database Toolset plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.8.4 via backup files stored in a publicly accessible location. This makes it possible for unauthenticated attackers to extract sensitive data from…