cleantalk
Vulnerabilities and Security Researches

WP-DBManager, c4f629e11b2b4b566dd4cd877a7235b5f19b5953

CVE, Research URL

c4f629e11b2b4b566dd4cd877a7235b5f19b5953

Home page URL

Security reports for WP-DBManager

Application

WP-DBManager

Published on
Oct 22, 2018
Research Description
WP-DBManager [wp-dbmanager] < 2.79.2 WP-DBManager <= 2.79.1 - Directory Traversal Allowing Arbitrary File Deletion The WP-DBManager plugin for WordPress is vulnerable to Directory Traversal allowing arbitrary file deletion in versions up to, and including, 2.79.1. This allows authenticated high-privilege attackers to delete arbitrary files, which can be used to reset a site and gain administrative access.
Affected versions
max 2.79.2.
Status
vulnerable
Previous vulnerability researches
Elizaibots (CVE-2025-49893) , Aug 20, 2025
Elizaibots (abcf8d2a13b3fd2324a04f9724e5ac9347743677) , Jun 16, 2026
New vulnerability
Adsmonetizer (ee7ab55ad6e2bb41f4aa956322bd479e7e4c4f4e) , Jun 16, 2026
Adsmonetizer (b67d7ea843cd507773feb2eb5c0bdf94a999deed) , Jun 16, 2026
Fullscreen Menu (6d8910c719b2a132ec93828cd37e418b19cac960) , Jun 16, 2026
Fullscreen Menu (1cbc2c6bceb36628bec11fa5d0f226e1afa558e1) , Jun 16, 2026
Optimize Database after Deleting Revisions (1bf13d2a-9492-4f90-9ece-e5da5b132476) , Jun 16, 2026