Vulnerabilities and security researches forwp-database-backup wp-database-backup

Direction: ascending

Jun 07, 2024

WP Database Backup – Unlimited Database & Files Backup by Backup for WP # CVE-2016-10875

CVE, Research URL: CVE-2016-10875
Home page URL: Security reports for WP Database Backup – Unlimited Database & Files Backup by Backup for WP
Application: WP Database Backup – Unlimited Database & Files Backup by Backup for WP
Date: Aug 12, 2019
Research Description: The wp-database-backup plugin before 4.3.1 for WordPress has XSS.
Affected versions: max 4.3.1.
Status: vulnerable

WP Database Backup – Unlimited Database & Files Backup by Backup for WP # CVE-2022-2271

CVE, Research URL: CVE-2022-2271
Home page URL: Security reports for WP Database Backup – Unlimited Database & Files Backup by Backup for WP
Application: WP Database Backup – Unlimited Database & Files Backup by Backup for WP
Date: Sep 05, 2022
Research Description: The WP Database Backup WordPress plugin before 5.9 does not escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed (for example in multisite setup)
Affected versions: max 5.9.
Status: vulnerable

WP Database Backup – Unlimited Database & Files Backup by Backup for WP # CVE-2020-7241

CVE, Research URL: CVE-2020-7241
Home page URL: Security reports for WP Database Backup – Unlimited Database & Files Backup by Backup for WP
Application: WP Database Backup – Unlimited Database & Files Backup by Backup for WP
Date: Jan 21, 2020
Research Description: The WP Database Backup plugin through 5.5 for WordPress stores downloads by default locally in the directory wp-content/uploads/db-backup/. This might allow attackers to read ZIP archives by guessing random ID numbers, guessing date strings with a 2020_{0..1}{0..2}_{0..3}{0..9} format, guessing UNIX timestamps, and making HTTPS requests with the complete guessed URL.
Affected versions: max 5.5.1.
Status: vulnerable

WP Database Backup – Unlimited Database & Files Backup by Backup for WP # CVE-2016-10873

CVE, Research URL: CVE-2016-10873
Home page URL: Security reports for WP Database Backup – Unlimited Database & Files Backup by Backup for WP
Application: WP Database Backup – Unlimited Database & Files Backup by Backup for WP
Date: Aug 12, 2019
Research Description: The wp-database-backup plugin before 4.3.3 for WordPress has XSS.
Affected versions: max 4.3.3.
Status: vulnerable

WP Database Backup – Unlimited Database & Files Backup by Backup for WP # CVE-2016-10874

CVE, Research URL: CVE-2016-10874
Home page URL: Security reports for WP Database Backup – Unlimited Database & Files Backup by Backup for WP
Application: WP Database Backup – Unlimited Database & Files Backup by Backup for WP
Date: Aug 12, 2019
Research Description: The wp-database-backup plugin before 4.3.3 for WordPress has CSRF.
Affected versions: max 4.3.3.
Status: vulnerable

WP Database Backup – Unlimited Database & Files Backup by Backup for WP # CVE-2016-10876

CVE, Research URL: CVE-2016-10876
Home page URL: Security reports for WP Database Backup – Unlimited Database & Files Backup by Backup for WP
Application: WP Database Backup – Unlimited Database & Files Backup by Backup for WP
Date: Aug 12, 2019
Research Description: The wp-database-backup plugin before 4.3.1 for WordPress has CSRF.
Affected versions: max 4.3.1.
Status: vulnerable

WP Database Backup – Unlimited Database & Files Backup by Backup for WP # CVE-2019-14949

CVE, Research URL: CVE-2019-14949
Home page URL: Security reports for WP Database Backup – Unlimited Database & Files Backup by Backup for WP
Application: WP Database Backup – Unlimited Database & Files Backup by Backup for WP
Date: Aug 12, 2019
Research Description: The wp-database-backup plugin before 5.1.2 for WordPress has XSS.
Affected versions: max 5.1.2.
Status: vulnerable

Jan 09, 2025

WP Database Backup – Unlimited Database & Files Backup by Backup for WP # CVE-2024-12330

CVE, Research URL: CVE-2024-12330
Home page URL: Security reports for WP Database Backup – Unlimited Database & Files Backup by Backup for WP
Application: WP Database Backup – Unlimited Database & Files Backup by Backup for WP
Date: Jan 09, 2025
Research Description: The WP Database Backup – Unlimited Database & Files Backup by Backup for WP plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7.3 via publicly accessible back-up files. This makes it possible for unauthenticated attackers to extract sensitive data including all information stored in the database.
Affected versions: max 7.4.
Status: vulnerable

Jul 27, 2025

WP Database Backup – Unlimited Database & Files Backup by Backup for WP # CVE-2019-25224

CVE, Research URL: CVE-2019-25224
Home page URL: Security reports for WP Database Backup – Unlimited Database & Files Backup by Backup for WP
Application: WP Database Backup – Unlimited Database & Files Backup by Backup for WP
Date: Jul 25, 2025
Research Description: The WP Database Backup plugin for WordPress is vulnerable to OS Command Injection in versions before 5.2 via the mysqldump function. This vulnerability allows unauthenticated attackers to execute arbitrary commands on the host operating system.
Affected versions: max 5.2.
Status: vulnerable

Jun 16, 2026

WP Database Backup – Unlimited Database & Files Backup by Backup for WP # a0f2bd4fcca969d411c18e2794c3aadd6fa1b614

CVE, Research URL: a0f2bd4fcca969d411c18e2794c3aadd6fa1b614
Home page URL: Security reports for WP Database Backup – Unlimited Database & Files Backup by Backup for WP
Application: WP Database Backup – Unlimited Database & Files Backup by Backup for WP
Date: May 29, 2019
Research Description: WP Database Backup – Unlimited Database & Files Backup by Backup for WP [wp-database-backup] < 5.2 WordPress WP Database Backup plugin <= 5.1.2 - Unauthenticated OS Command Injection vulnerability Unauthenticated OS Command Injection vulnerability found by WordFence in WordPress WP Database Backup plugin (versions <= 5.1.2).
Affected versions: max 5.2.
Status: vulnerable

WP Database Backup – Unlimited Database & Files Backup by Backup for WP # 38f512f7f5a5d92ca7f6ebdbf5f9cede2877497e

CVE, Research URL: 38f512f7f5a5d92ca7f6ebdbf5f9cede2877497e
Home page URL: Security reports for WP Database Backup – Unlimited Database & Files Backup by Backup for WP
Application: WP Database Backup – Unlimited Database & Files Backup by Backup for WP
Date: Aug 20, 2015
Research Description: WP Database Backup – Unlimited Database & Files Backup by Backup for WP [wp-database-backup] < 3.4 WordPress Database Backup Plugin <= 3.3 - Stored Cross-Site Scripting Because of this vulnerability, the attackers can inject arbitrary web script or HTML. Update the plugin.
Affected versions: max 3.4.
Status: vulnerable

WP Database Backup – Unlimited Database & Files Backup by Backup for WP # 97ab56e90736ddcdfb6361b5f4fdf8f38985a6c0

CVE, Research URL: 97ab56e90736ddcdfb6361b5f4fdf8f38985a6c0
Home page URL: Security reports for WP Database Backup – Unlimited Database & Files Backup by Backup for WP
Application: WP Database Backup – Unlimited Database & Files Backup by Backup for WP
Date: Aug 09, 2022
Research Description: WP Database Backup – Unlimited Database & Files Backup by Backup for WP [wp-database-backup] < 5.9 WP Database Backup <= 5.9 - Authenticated (Admin+) Stored Cross-Site Scripting The WP Database Backup plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several parameters in versions up to, and including, 5.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with administrative level permissions and above to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.
Affected versions: max 5.9.
Status: vulnerable

WP Database Backup – Unlimited Database & Files Backup by Backup for WP # 96f997b292e2c68707719129186681dfeee90f5e

CVE, Research URL: 96f997b292e2c68707719129186681dfeee90f5e
Home page URL: Security reports for WP Database Backup – Unlimited Database & Files Backup by Backup for WP
Application: WP Database Backup – Unlimited Database & Files Backup by Backup for WP
Date: Apr 24, 2019
Research Description: WP Database Backup – Unlimited Database & Files Backup by Backup for WP [wp-database-backup] < 5.2 WP Database Backup < 5.2 - Unauthenticated OS Command Injection The WP Database Backup plugin for WordPress is vulnerable to OS Command Injection in versions before 5.2 via the mysqldump function. This vulnerability allows unauthenticated attackers to execute arbitrary commands on the host operating system.
Affected versions: max 5.2.
Status: vulnerable

WP Database Backup – Unlimited Database & Files Backup by Backup for WP # 704a2eadf17955f7d5fcbffebd9a4bd7c0eb7d2a

CVE, Research URL: 704a2eadf17955f7d5fcbffebd9a4bd7c0eb7d2a
Home page URL: Security reports for WP Database Backup – Unlimited Database & Files Backup by Backup for WP
Application: WP Database Backup – Unlimited Database & Files Backup by Backup for WP
Date: Oct 21, 2016
Research Description: WP Database Backup – Unlimited Database & Files Backup by Backup for WP [wp-database-backup] < 4.3.6 WP Database Backup <= 4.3.5 - Cross-Site Request Forgery The WP Database Backup plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.3.5. This is due to missing or incorrect nonce validation on the wp_db_backup_admin_init() function. This makes it possible for unauthenticated attackers to modify backups via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Affected versions: max 4.3.6.
Status: vulnerable

WP Database Backup – Unlimited Database & Files Backup by Backup for WP # 6b9e2d2e-9586-4a9f-a845-72d96151e3ae

CVE, Research URL: 6b9e2d2e-9586-4a9f-a845-72d96151e3ae
Home page URL: Security reports for WP Database Backup – Unlimited Database & Files Backup by Backup for WP
Application: WP Database Backup – Unlimited Database & Files Backup by Backup for WP
Date: -
Research Description: WP Database Backup – Unlimited Database & Files Backup by Backup for WP [wp-database-backup] < 3.4 WP Database Backup <= 3.3 - Authenticated Stored Cross-Site Scripting (XSS) The WP Database Backup WordPress plugin was affected by an Authenticated Stored Cross-Site Scripting (XSS) security vulnerability.
Affected versions: max 3.4.
Status: vulnerable

WP Database Backup – Unlimited Database & Files Backup by Backup for WP # cc1214c74076aeb56cfaa73e4b7446fd38e1e1e6

CVE, Research URL: cc1214c74076aeb56cfaa73e4b7446fd38e1e1e6
Home page URL: Security reports for WP Database Backup – Unlimited Database & Files Backup by Backup for WP
Application: WP Database Backup – Unlimited Database & Files Backup by Backup for WP
Date: Mar 24, 2019
Research Description: WP Database Backup – Unlimited Database & Files Backup by Backup for WP [wp-database-backup] < 5.1.3 WP Database Backup <= 5.1.2 - Unauthenticated Settings Update to Remote Code Execution The WP Database Backup plugin for WordPress is vulnerable to unauthenticated settings update that can lead to remote code execution via the wpsetting functionality in versions up to, and including, 5.1.2. This makes it possible for unauthenticated attackers to inject malicious code into settings that will execute when a back-up is triggered by an unsuspecting user.
Affected versions: max 5.1.3.
Status: vulnerable

WP Database Backup – Unlimited Database & Files Backup by Backup for WP # 5392d8a2413a908893a03555bc9454152ca01a29

CVE, Research URL: 5392d8a2413a908893a03555bc9454152ca01a29
Home page URL: Security reports for WP Database Backup – Unlimited Database & Files Backup by Backup for WP
Application: WP Database Backup – Unlimited Database & Files Backup by Backup for WP
Date: Aug 20, 2015
Research Description: WP Database Backup – Unlimited Database & Files Backup by Backup for WP [wp-database-backup] < 3.4 WP Database Backup < 3.4 - Authenticated Stored Cross-Site Scripting The WP Database Backup plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several parameters in versions before 3.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Affected versions: max 3.4.
Status: vulnerable

WP Database Backup – Unlimited Database & Files Backup by Backup for WP # 7d2cb22b-84ef-4b9c-8116-5a0e0eb0c521

CVE, Research URL: 7d2cb22b-84ef-4b9c-8116-5a0e0eb0c521
Home page URL: Security reports for WP Database Backup – Unlimited Database & Files Backup by Backup for WP
Application: WP Database Backup – Unlimited Database & Files Backup by Backup for WP
Date: -
Research Description: WP Database Backup – Unlimited Database & Files Backup by Backup for WP [wp-database-backup] < 5.2 WP Database Backup <= 5.1.2 - Unauthenticated OS Command Injection The WP Database Backup WordPress plugin was affected by an Unauthenticated OS Command Injection security vulnerability.
Affected versions: max 5.2.
Status: vulnerable

WP Database Backup – Unlimited Database & Files Backup by Backup for WP # 82e5e687-e45c-405a-a892-b8e3de192f5c

CVE, Research URL: 82e5e687-e45c-405a-a892-b8e3de192f5c
Home page URL: Security reports for WP Database Backup – Unlimited Database & Files Backup by Backup for WP
Application: WP Database Backup – Unlimited Database & Files Backup by Backup for WP
Date: -
Research Description: WP Database Backup – Unlimited Database & Files Backup by Backup for WP [wp-database-backup] < 4.3.6 WP Database Backup <= 4.3.5 - Cross-Site Request Forgery (CSRF) The WP Database Backup WordPress plugin was affected by a Cross-Site Request Forgery (CSRF) security vulnerability.
Affected versions: max 4.3.6.
Status: vulnerable

Vulnerabilities and security researches forwp-database-backup wp-database-backup

WP Database Backup &#8211; Unlimited Database &amp; Files Backup by Backup for WP # CVE-2016-10875

WP Database Backup &#8211; Unlimited Database &amp; Files Backup by Backup for WP # CVE-2022-2271

WP Database Backup &#8211; Unlimited Database &amp; Files Backup by Backup for WP # CVE-2020-7241

WP Database Backup &#8211; Unlimited Database &amp; Files Backup by Backup for WP # CVE-2016-10873

WP Database Backup &#8211; Unlimited Database &amp; Files Backup by Backup for WP # CVE-2016-10874

WP Database Backup &#8211; Unlimited Database &amp; Files Backup by Backup for WP # CVE-2016-10876

WP Database Backup &#8211; Unlimited Database &amp; Files Backup by Backup for WP # CVE-2019-14949

WP Database Backup &#8211; Unlimited Database &amp; Files Backup by Backup for WP # CVE-2024-12330

WP Database Backup &#8211; Unlimited Database &amp; Files Backup by Backup for WP # CVE-2019-25224

WP Database Backup &#8211; Unlimited Database &amp; Files Backup by Backup for WP # a0f2bd4fcca969d411c18e2794c3aadd6fa1b614

WP Database Backup &#8211; Unlimited Database &amp; Files Backup by Backup for WP # 38f512f7f5a5d92ca7f6ebdbf5f9cede2877497e

WP Database Backup &#8211; Unlimited Database &amp; Files Backup by Backup for WP # 97ab56e90736ddcdfb6361b5f4fdf8f38985a6c0

WP Database Backup &#8211; Unlimited Database &amp; Files Backup by Backup for WP # 96f997b292e2c68707719129186681dfeee90f5e

WP Database Backup &#8211; Unlimited Database &amp; Files Backup by Backup for WP # 704a2eadf17955f7d5fcbffebd9a4bd7c0eb7d2a

WP Database Backup &#8211; Unlimited Database &amp; Files Backup by Backup for WP # 6b9e2d2e-9586-4a9f-a845-72d96151e3ae

WP Database Backup &#8211; Unlimited Database &amp; Files Backup by Backup for WP # cc1214c74076aeb56cfaa73e4b7446fd38e1e1e6

WP Database Backup &#8211; Unlimited Database &amp; Files Backup by Backup for WP # 5392d8a2413a908893a03555bc9454152ca01a29

WP Database Backup &#8211; Unlimited Database &amp; Files Backup by Backup for WP # 7d2cb22b-84ef-4b9c-8116-5a0e0eb0c521

WP Database Backup &#8211; Unlimited Database &amp; Files Backup by Backup for WP # 82e5e687-e45c-405a-a892-b8e3de192f5c

WP Database Backup – Unlimited Database & Files Backup by Backup for WP # CVE-2016-10875

WP Database Backup – Unlimited Database & Files Backup by Backup for WP # CVE-2022-2271

WP Database Backup – Unlimited Database & Files Backup by Backup for WP # CVE-2020-7241

WP Database Backup – Unlimited Database & Files Backup by Backup for WP # CVE-2016-10873

WP Database Backup – Unlimited Database & Files Backup by Backup for WP # CVE-2016-10874

WP Database Backup – Unlimited Database & Files Backup by Backup for WP # CVE-2016-10876

WP Database Backup – Unlimited Database & Files Backup by Backup for WP # CVE-2019-14949

WP Database Backup – Unlimited Database & Files Backup by Backup for WP # CVE-2024-12330

WP Database Backup – Unlimited Database & Files Backup by Backup for WP # CVE-2019-25224

WP Database Backup – Unlimited Database & Files Backup by Backup for WP # a0f2bd4fcca969d411c18e2794c3aadd6fa1b614

WP Database Backup – Unlimited Database & Files Backup by Backup for WP # 38f512f7f5a5d92ca7f6ebdbf5f9cede2877497e

WP Database Backup – Unlimited Database & Files Backup by Backup for WP # 97ab56e90736ddcdfb6361b5f4fdf8f38985a6c0

WP Database Backup – Unlimited Database & Files Backup by Backup for WP # 96f997b292e2c68707719129186681dfeee90f5e

WP Database Backup – Unlimited Database & Files Backup by Backup for WP # 704a2eadf17955f7d5fcbffebd9a4bd7c0eb7d2a

WP Database Backup – Unlimited Database & Files Backup by Backup for WP # 6b9e2d2e-9586-4a9f-a845-72d96151e3ae

WP Database Backup – Unlimited Database & Files Backup by Backup for WP # cc1214c74076aeb56cfaa73e4b7446fd38e1e1e6

WP Database Backup – Unlimited Database & Files Backup by Backup for WP # 5392d8a2413a908893a03555bc9454152ca01a29

WP Database Backup – Unlimited Database & Files Backup by Backup for WP # 7d2cb22b-84ef-4b9c-8116-5a0e0eb0c521

WP Database Backup – Unlimited Database & Files Backup by Backup for WP # 82e5e687-e45c-405a-a892-b8e3de192f5c