Vulnerabilities (CVE)

Filtered by vendor Wpseeds Subscribe

Filtered by product Wp Database Backup

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 3 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2020-7241	1 Wpseeds	1 Wp Database Backup	2021-07-21	5.0 MEDIUM	7.5 HIGH
The WP Database Backup plugin through 5.5 for WordPress stores downloads by default locally in the directory wp-content/uploads/db-backup/. This might allow attackers to read ZIP archives by guessing random ID numbers, guessing date strings with a 2020_{0..1}{0..2}_{0..3}{0..9} format, guessing UNIX timestamps, and making HTTPS requests with the complete guessed URL.
CVE-2016-10874	1 Wpseeds	1 Wp Database Backup	2019-10-12	6.8 MEDIUM	8.8 HIGH
The wp-database-backup plugin before 4.3.3 for WordPress has CSRF.
CVE-2016-10876	1 Wpseeds	1 Wp Database Backup	2019-08-14	6.8 MEDIUM	8.8 HIGH
The wp-database-backup plugin before 4.3.1 for WordPress has CSRF.