Total Upkeep
by WordPress
CVEs (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-4932 | Med | 0.28 | 4.3 | 0.01 | Mar 7, 2023 | The Total Upkeep plugin for WordPress is vulnerable to information disclosure in versions up to, and including 1.14.13. This is due to missing authorization on the heartbeat_received() function that triggers on WordPress heartbeat. This makes it possible for authenticated… | ||
| CVE-2020-36848 | 0.02 | — | 0.01 | Jul 12, 2025 | The Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.14.9 via the env-info.php and restore-info.json files. This makes it possible for… | |||
| CVE-2024-9461 | 0.01 | — | 0.01 | Nov 26, 2024 | The Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.16.6 via the cron_interval parameter. This is due to missing input validation and sanitization.… | |||
| CVE-2025-2257 | 0.00 | — | 0.01 | Mar 26, 2025 | The Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.16.10 via the compression_level setting. This is due to the plugin using the compression_level… | |||
| CVE-2024-13907 | 0.00 | — | 0.00 | Feb 27, 2025 | The Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.16.8 via the 'download' function. This makes it possible for authenticated attackers, with… |
- risk 0.28cvss 4.3epss 0.01
The Total Upkeep plugin for WordPress is vulnerable to information disclosure in versions up to, and including 1.14.13. This is due to missing authorization on the heartbeat_received() function that triggers on WordPress heartbeat. This makes it possible for authenticated…
- CVE-2020-36848Jul 12, 2025risk 0.02cvss —epss 0.01
The Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.14.9 via the env-info.php and restore-info.json files. This makes it possible for…
- CVE-2024-9461Nov 26, 2024risk 0.01cvss —epss 0.01
The Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.16.6 via the cron_interval parameter. This is due to missing input validation and sanitization.…
- CVE-2025-2257Mar 26, 2025risk 0.00cvss —epss 0.01
The Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.16.10 via the compression_level setting. This is due to the plugin using the compression_level…
- CVE-2024-13907Feb 27, 2025risk 0.00cvss —epss 0.00
The Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.16.8 via the 'download' function. This makes it possible for authenticated attackers, with…