VYPR

BackupGuard

by WordPress

CVEs (3)

  • CVE-2021-24155HigApr 5, 2021
    risk 0.57cvss 7.2epss 0.84

    The WordPress Backup and Migrate Plugin – Backup Guard WordPress plugin before 1.6.0 did not ensure that the imported files are of the SGBP format and extension, allowing high privilege users (admin+) to upload arbitrary files, including PHP ones, leading to RCE.

  • CVE-2017-18488MedAug 13, 2019
    risk 0.40cvss 6.1epss 0.01

    The Backup Guard plugin before 1.1.47 for WordPress has multiple XSS issues.

  • CVE-2017-10837MedAug 29, 2017
    risk 0.40cvss 6.1epss 0.01

    Cross-site scripting vulnerability in BackupGuard prior to version 1.1.47 allows an attacker to inject arbitrary web script or HTML via unspecified vectors.