cleantalk
Vulnerabilities and Security Researches

WP Database Backup – Unlimited Database & Files Backup by Backup for WP, 704a2eadf17955f7d5fcbffebd9a4bd7c0eb7d2a

CVE, Research URL

704a2eadf17955f7d5fcbffebd9a4bd7c0eb7d2a

Home page URL

Security reports for WP Database Backup – Unlimited Database & Files Backup by Backup for WP

Application

WP Database Backup – Unlimited Database & Files Backup by Backup for WP

Published on
Oct 21, 2016
Research Description
WP Database Backup &#8211; Unlimited Database &amp; Files Backup by Backup for WP [wp-database-backup] < 4.3.6 WP Database Backup <= 4.3.5 - Cross-Site Request Forgery The WP Database Backup plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.3.5. This is due to missing or incorrect nonce validation on the wp_db_backup_admin_init() function. This makes it possible for unauthenticated attackers to modify backups via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Affected versions
max 4.3.6.
Status
vulnerable
Previous vulnerability researches
Help Center by BestWebSoft (CVE-2017-2171) , Jun 07, 2024
Help Center by BestWebSoft (CVE-2017-18542) , Jun 07, 2024
Help Center by BestWebSoft (efd816c3-90d4-40bf-850a-0e4c1a756694) , Jun 16, 2026
New vulnerability
WP Easy Gallery &#8211; WordPress Gallery Plugin (e0c5f2482ad1ce5df242acb8fafefe9e7a978755) , Jun 16, 2026
WP Easy Gallery &#8211; WordPress Gallery Plugin (ab594533baaa27f6a7256975f5732c6a017c0199) , Jun 16, 2026
WP Easy Gallery &#8211; WordPress Gallery Plugin (8b2500493153f2af740d2c17daa0e9e6378e2634) , Jun 16, 2026
WP Easy Gallery &#8211; WordPress Gallery Plugin (f55605a14004ca6c080eceedd992e8adb89d1740) , Jun 16, 2026
WP Easy Gallery &#8211; WordPress Gallery Plugin (dfd6073e9cb1a83bb2e78c40fb73b756268e128c) , Jun 16, 2026