BackWPup – WordPress Backup & Restore Plugin

Information

Software Type Plugin
Software Slug backwpup (view on wordpress.org)
Software Status Active
Software Author wp_media
Software Website backwpup.com
Software Downloads 16,224,526
Software Active Installs 600,000
Software Record Last Updated December 20, 2024

8 Vulnerabilities

Title Status CVE ID CVSS Researchers Date
BackWPup <= 4.0.1 - Authenticated (Administrator+) Directory Traversal Patched CVE-2023-5505 6.8 Marco Wotschka August 16, 2024
BackWPup <= 4.0.2 - Plaintext Storage of Backup Destination Password Patched CVE-2023-5775 2.2 Stefan Marjanov February 23, 2024
BackWPup <= 4.0.3 - Sensitive Information Exposure Patched CVE-2023-7164 7.5 Dmitrii Ignatyev December 18, 2023
BackWPup <= 4.0.1 - Authenticated (Administrator+) Directory Traversal Patched CVE-2023-5504 8.7 Marco Wotschka November 22, 2023
BackWPup <= 3.4.1 - Unauthenticated Backup Download Patched CVE-2017-2551 7.5 Larry W. Cashdollar September 8, 2017
BackWPup < 3.0.13 - Cross-Site Scripting Patched CVE-2013-4626 6.1 High-Tech Bridge Security Research Lab August 21, 2013
BackWPup <= 1.7.1 - Remote File Inclusion Patched CVE-2011-4342 9.8 Phil Taylor - Sense of Security Labs March 28, 2011
BackWPup – WordPress Backup Plugin < 1.4.1 - Directory Traversal Patched CVE-2011-5208 7.5 Danilo Massa March 2, 2011

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation