Primary

Context

WP Staging Pro WordPress Backup Plugin Information Exposure Vulnerability

Vulnerability

A vulnerability allowing information exposure has been identified in the WP Staging Pro WordPress Backup Plugin, affecting all versions through 6.1.2. The issue arises from missing capability checks in the getOutdatedPluginsRequest() function, which enables unauthenticated attackers to access information about outdated active or inactive plugins.

Impact

Exploitation of this vulnerability could lead to unauthorized disclosure of information regarding outdated plugins, both active and inactive, on the affected WordPress site.

Remediation

Users can update to WP Staging Pro version 6.1.3 or a newer patched version to address this vulnerability.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

7.4

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

7.4

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

WP Staging Pro WordPress Backup Plugin Information Exposure Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating