VYPR

Keep Backup Daily

by WordPress

Source repositories

CVEs (5)

  • CVE-2024-48024HigOct 17, 2024
    risk 0.49cvss 7.5epss 0.00

    Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Fahad Mahmood Keep Backup Daily keep-backup-daily allows Retrieve Embedded Sensitive Data.This issue affects Keep Backup Daily: from n/a through <= 2.1.3.

  • CVE-2022-1820MedJun 13, 2022
    risk 0.40cvss 6.1epss 0.01

    The Keep Backup Daily plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘t’ parameter in versions up to, and including, 2.0.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject…

  • CVE-2025-26779MedFeb 16, 2025
    risk 0.32cvss 4.9epss 0.00

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Fahad Mahmood Keep Backup Daily keep-backup-daily allows Path Traversal.This issue affects Keep Backup Daily: from n/a through <= 2.1.0.

  • CVE-2026-3577MedMar 21, 2026
    risk 0.29cvss 4.4epss 0.00

    The Keep Backup Daily plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the backup title alias (`val` parameter) in the `update_kbd_bkup_alias` AJAX action in all versions up to, and including, 2.1.2. This is due to insufficient input sanitization and output…

  • CVE-2026-3339LowMar 21, 2026
    risk 0.18cvss 2.7epss 0.00

    The Keep Backup Daily plugin for WordPress is vulnerable to Limited Path Traversal in all versions up to, and including, 2.1.1 via the `kbd_open_upload_dir` AJAX action. This is due to insufficient validation of the `kbd_path` parameter, which is only sanitized with…