cleantalk
Vulnerabilities and Security Researches

BackWPup – WordPress Backup Plugin, CVE-2013-4626

CVE, Research URL

CVE-2013-4626

Home page URL

Security reports for BackWPup – WordPress Backup Plugin

Application

BackWPup – WordPress Backup Plugin

Published on
Sep 26, 2013
Research Description
Cross-site scripting (XSS) vulnerability in the BackWPup plugin before 3.0.13 for WordPress allows remote attackers to inject arbitrary web script or HTML via the tab parameter to wp-admin/admin.php.
Affected versions
Min -, max 3.0.13.
Status
vulnerable
Previous vulnerability researches
BackWPup – WordPress Backup Plugin , May 27, 2025
BackWPup – WordPress Backup Plugin (CVE-2017-2551) , Jun 07, 2024
BackWPup – WordPress Backup Plugin (CVE-2011-5208) , Jun 07, 2024
BackWPup – WordPress Backup Plugin (CVE-2013-4626) , Jun 07, 2024
BackWPup – WordPress Backup Plugin (CVE-2011-4342) , Jun 07, 2024
New vulnerability
All-in-One Addons for Elementor – WidgetKit (CVE-2025-49074) , Jun 15, 2025
ElementInvader Addons for Elementor (CVE-2025-48288) , Jun 15, 2025
Falang multilanguage for WordPress (CVE-2025-48285) , Jun 15, 2025
Social Sharing Plugin – Sassy Social Share (CVE-2025-5528) , Jun 15, 2025
PSW – Login and registration (CVE-2025-4607) , Jun 15, 2025