Tag
The Database Backup for WordPress plugin before 2.5.3 is vulnerable to unauthenticated arbitrary file read and deletion due to improper authorization checks and user-controlled backup directories, leading to sensitive information exposure and potential site takeover on WordPress Multisite environments.