cleantalk
Vulnerabilities and Security Researches

Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid, CVE-2020-36848

CVE, Research URL

CVE-2020-36848

Home page URL

Security reports for Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid

Application

Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid

Published on
Jul 12, 2025
Research Description
The Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.14.9 via the env-info.php and restore-info.json files. This makes it possible for unauthenticated attackers to find the location of back-up files and subsequently download them.
Affected versions
max 1.14.10.
Status
vulnerable
Previous vulnerability researches
Social Photo Gallery (CVE-2019-14467) , Jun 06, 2024
Photo Gallery ( Responsive ) (CVE-2025-27276) , Feb 26, 2025
Image Gallery – Responsive Photo Gallery (CVE-2025-24697) , Feb 05, 2025
Image Gallery – Responsive Photo Gallery (CVE-2024-12403) , Jan 16, 2025
ZooEffect Plugin for Video player, Photo Gallery Slideshow jQuery and audio / music / podcast – HTML5 (CVE-2023-1427) , Jun 06, 2024
New vulnerability
Custom WooCommerce Checkout Fields Editor (CVE-2023-33999) , Jun 13, 2026
Elementor Stripe Payment (CVE-2023-33999) , Jun 13, 2026
Contact Form DB Divi (CVE-2023-33999) , Jun 13, 2026
WP SecureSubmit (CVE-2024-56270) , Jun 13, 2026
WP Delicious – Best WordPress Recipes Plugin (formerly Delicious Recipes) (CVE-2023-33999) , Jun 13, 2026