cleantalk
Vulnerabilities and Security Researches

Backup Migration, CVE-2023-54346

CVE, Research URL

CVE-2023-54346

Home page URL

Security reports for Backup Migration

Application

Backup Migration

Published on
May 05, 2026
Research Description
WordPress Plugin Backup Migration 1.2.8 contains an information disclosure vulnerability that allows unauthenticated attackers to download complete database backups by accessing predictable file paths. Attackers can enumerate backup directories through configuration files and complete logs, then construct direct download URLs to retrieve sensitive backup archives containing full database dumps.
Affected versions
max 1.2.8.
Status
vulnerable
Previous vulnerability researches
Geo2 Maps Add-on for NextGEN Gallery (4624f982-a331-414c-88c3-12761807ec95) , Jun 07, 2024
New vulnerability
Webinar Solution: Create live/evergreen/automated/instant webinars, stream & Zoom Meetings | WebinarIgnition (CVE-2026-40797) , May 08, 2026
WP-Optimize – Cache, Compress images, Minify & Clean database to boost page speed & performance (CVE-2026-7252) , May 08, 2026
WordPress Gallery Plugin – NextGEN Gallery (CVE-2025-2537) , May 08, 2026
Backup Migration (CVE-2023-54346) , May 08, 2026
Forminator – Contact Form, Payment Form & Custom Form Builder (CVE-2026-6222) , May 07, 2026