Vulnerabilities and Security Researches

Vulnerabilities and security research for wp-db-backup

Jun 07, 2024

Database Backup for WordPress # CVE-2022-1577

CVE, Research URL: CVE-2022-1577
Date: Jun 08, 2022
Research Description: The Database Backup for WordPress plugin before 2.5.2 does not have a CSRF check in place when updating the scheduled backup settings, which could allow an attacker to make a logged-in admin change them via a CSRF attack. This could lead to cases where attackers can send backup notification emails to themselves, which contain more details, or disable the automatic backup schedule.
Affected versions: max 2.5.2.
Status: vulnerable

Database Backup for WordPress # CVE-2022-0255

CVE, Research URL: CVE-2022-0255
Date: Feb 21, 2022
Research Description: The Database Backup for WordPress plugin before 2.5.1 does not properly sanitise and escape the fragment parameter before using it in a SQL statement in the admin dashboard, leading to a SQL injection issue.
Affected versions: max 2.5.1.
Status: vulnerable

Database Backup for WordPress # CVE-2021-24322

CVE, Research URL: CVE-2021-24322
Date: Jun 01, 2021
Research Description: The Database Backup for WordPress plugin before 2.4 did not escape the backup_recipient POST parameter before outputting it back in the attribute of an HTML tag, leading to a Stored Cross-Site Scripting issue.
Affected versions: max 2.4.
Status: vulnerable

Database Backup for WordPress # CVE-2014-10076

CVE, Research URL: CVE-2014-10076
Date: Oct 05, 2018
Research Description: The wp-db-backup plugin 2.2.4 for WordPress relies on a five-character string for access control, which makes it easier for remote attackers to read backup archives via a brute-force attack.
Affected versions: max 2.3.0.
Status: vulnerable

Database Backup for WordPress # CVE-2006-4208

CVE, Research URL: CVE-2006-4208
Date: Aug 18, 2006
Research Description: Directory traversal vulnerability in wp-db-backup.php in the Skippy WP-DB-Backup plugin for WordPress 1.7 and earlier allows remote authenticated users with administrative privileges to read arbitrary files via a .. (dot dot) in the backup parameter to edit.php.
Affected versions: max 2.4.
Status: vulnerable

May 15, 2026

Database Backup for WordPress # CVE-2026-4030

CVE, Research URL: CVE-2026-4030
Date: May 14, 2026
Research Description: The Database Backup for WordPress plugin for WordPress is vulnerable to unauthorized arbitrary file read and deletion in all versions up to, and including, 2.5.2. This is due to the plugin not properly enforcing the return value of its authorization check combined with a user-controlled backup directory parameter. This makes it possible for unauthenticated attackers to read and delete arbitrary files on the server, leading to Sensitive Information Exposure and potential site takeover. Note: This vulnerability is only exploitable in WordPress Multisite environments where the deprecated is_site_admin() function exists.
Affected versions: max 2.5.3.
Status: vulnerable

Database Backup for WordPress # CVE-2026-4031

CVE, Research URL: CVE-2026-4031
Date: May 14, 2026
Research Description: The Database Backup for WordPress plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.5.2. This is due to the plugin not restricting access to the wp_db_temp_dir parameter, which controls where database backups are written. This makes it possible for unauthenticated attackers to send a request to wp-cron.php with a poisoned wp_db_temp_dir value pointing to a publicly accessible directory (e.g., wp-content/uploads/), and if a scheduled backup is due, intercept the backup file before it is cleaned up. The backup file has a predictable name based on the database name, table prefix, date, and Swatch Internet Time, making interception reliable. Successful exploitation leads to Sensitive Information Exposure including database credentials, user password hashes, and personally identifiable information. This vulnerability requires that the site administrator has configured scheduled backups.
Affected versions: max 2.5.3.
Status: vulnerable

Database Backup for WordPress # CVE-2026-4029

CVE, Research URL: CVE-2026-4029
Date: May 14, 2026
Research Description: The Database Backup for WordPress plugin for WordPress is vulnerable to unauthorized database export in all versions up to, and including, 2.5.2. This is due to the plugin not properly enforcing the return value of its authorization check. This makes it possible for unauthenticated attackers to export database tables, leading to Sensitive Information Exposure. Note: This vulnerability is only exploitable in WordPress Multisite environments where the deprecated is_site_admin() function exists.
Affected versions: max 2.5.3.
Status: vulnerable