Product

Database Backup for WordPress Plugin <= 2.5.2

3 briefs RSS

CVE-2026-4031 - Database Backup for WordPress Plugin Authorization Bypass

CVE-2026-4031 is an authorization bypass vulnerability in the Database Backup for WordPress plugin (<= 2.5.2) that allows unauthenticated attackers to intercept database backup files by manipulating the backup directory via the wp_db_temp_dir parameter, leading to sensitive information exposure.

Database Backup for WordPress plugin <= 2.5.2 wordpress authorization-bypass sensitive-data-exposure cve

2r 1t 1c 56m ago

high advisory

Database Backup for WordPress Plugin Arbitrary File Read and Deletion Vulnerability (CVE-2026-4030)

2 rules 1 CVE

The Database Backup for WordPress plugin before 2.5.3 is vulnerable to unauthenticated arbitrary file read and deletion due to improper authorization checks and user-controlled backup directories, leading to sensitive information exposure and potential site takeover on WordPress Multisite environments.

Database Backup for WordPress plugin <= 2.5.2 wordpress file_read file_deletion cve

2r 1c 56m ago

high advisory

CVE-2026-4029: Database Backup for WordPress Plugin Unauthorized Database Export

2 rules 1 TTP 1 CVE

The Database Backup for WordPress plugin up to version 2.5.2 is vulnerable to unauthorized database export due to improper authorization enforcement, allowing unauthenticated attackers to export database tables in WordPress Multisite environments.

Database Backup for WordPress plugin <= 2.5.2 cve wordpress database backup unauthenticated access data exfiltration

2r 1t 1c 57m ago