Primary

Context

WP Database Backup Sensitive Information Exposure Vulnerability

Vulnerability

A vulnerability allowing sensitive information exposure exists in the WP Database Backup – Unlimited Database & Files Backup by Backup for WP plugin for WordPress, affecting all versions through 7.3. The vulnerability arises from publicly accessible backup files, which unauthenticated attackers can exploit to access sensitive data, including all information stored in the database.

Impact

Exploitation of this vulnerability could lead to unauthorized access to sensitive database information.

Reproduction

The vulnerability can be reproduced by accessing the publicly available backup files created by the WP Database Backup plugin. These files can be downloaded without authentication, allowing anyone to retrieve the database contents.

Remediation

Users are advised to update the WP Database Backup plugin to version 7.4 or later.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

8.4

remediation

7.7

relevance

0.0

threat

4.8

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

8.4

remediation

7.7

relevance

0.0

threat

4.8

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

WP Database Backup Sensitive Information Exposure Vulnerability

Vulnerability

Impact

Reproduction

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating