cleantalk
Vulnerabilities and Security Researches

BackWPup – WordPress Backup Plugin, CVE-2011-5208

CVE, Research URL

CVE-2011-5208

Home page URL

Security reports for BackWPup – WordPress Backup Plugin

Application

BackWPup – WordPress Backup Plugin

Published on
Oct 09, 2012
Research Description
Multiple directory traversal vulnerabilities in the BackWPup plugin before 1.4.1 for WordPress allow remote attackers to read arbitrary files via a .. (dot dot) in the wpabs parameter to (1) app/options-view_log-iframe.php or (2) app/options-runnow-iframe.php.
Affected versions
Min -, max 2.1.5.
Status
vulnerable
Previous vulnerability researches
BackWPup – WordPress Backup Plugin , May 27, 2025
BackWPup – WordPress Backup Plugin (CVE-2017-2551) , Jun 07, 2024
BackWPup – WordPress Backup Plugin (CVE-2011-5208) , Jun 07, 2024
BackWPup – WordPress Backup Plugin (CVE-2013-4626) , Jun 07, 2024
BackWPup – WordPress Backup Plugin (CVE-2011-4342) , Jun 07, 2024
New vulnerability
All-in-One Addons for Elementor – WidgetKit (CVE-2025-49074) , Jun 15, 2025
ElementInvader Addons for Elementor (CVE-2025-48288) , Jun 15, 2025
Falang multilanguage for WordPress (CVE-2025-48285) , Jun 15, 2025
Social Sharing Plugin – Sassy Social Share (CVE-2025-5528) , Jun 15, 2025
PSW – Login and registration (CVE-2025-4607) , Jun 15, 2025