VYPR
Vendor

Jetbackup

Products
1
CVEs
5
Across products
5
Status
Private

Products

1

Recent CVEs

5
  • CVE-2020-36669HigMar 7, 2023
    risk 0.57cvss 8.8epss 0.00

    The JetBackup – WP Backup, Migrate & Restore plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including 1.3.9. This is due to missing nonce validation on the backup_guard_get_import_backup() function. This makes it possible for…

  • CVE-2020-36667MedMar 7, 2023
    risk 0.35cvss 5.4epss 0.00

    The JetBackup – WP Backup, Migrate & Restore plugin for WordPress is vulnerable to unauthorized back-up location changes in versions up to, and including 1.4.1 due to a lack of proper capability checking on the backup_guard_cloud_dropbox, backup_guard_cloud_gdrive, and…

  • CVE-2026-4853MedApr 17, 2026
    risk 0.32cvss 4.9epss 0.01

    The JetBackup – Backup, Restore & Migrate plugin for WordPress is vulnerable to Path Traversal leading to Arbitrary Directory Deletion in versions up to and including 3.1.19.8. This is due to insufficient input validation on the fileName parameter in the file upload handler.…

  • CVE-2020-36668MedMar 7, 2023
    risk 0.28cvss 4.3epss 0.01

    The JetBackup – WP Backup, Migrate & Restore plugin for WordPress is vulnerable to sensitive information disclosure in versions up to, and including, 1.4.0 due to a lack of proper capability checking on the backup_guard_get_manual_modal function called via an AJAX action. This…

  • CVE-2023-7165Feb 27, 2024
    risk 0.03cvss epss 0.02

    The JetBackup WordPress plugin before 2.0.9.9 doesn't use index files to prevent public directory listing of sensitive directories in certain configurations, which allows malicious actors to leak backup files.