Backup-Guard: Security Vulnerabilities
The WordPress Backup and Migrate Plugin – Backup Guard WordPress plugin before 1.6.0 did not ensure that the imported files are of the SGBP format and extension, allowing high privilege users (admin+) to upload arbitrary files, including PHP ones, leading to RCE.
CVSS Score
7.2
EPSS Score
0.927
Published
2021-04-05
The Backup Guard plugin before 1.1.47 for WordPress has multiple XSS issues.
CVSS Score
6.1
EPSS Score
0.002
Published
2019-08-13
Cross-site scripting vulnerability in BackupGuard prior to version 1.1.47 allows an attacker to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
6.1
EPSS Score
0.002
Published
2017-08-29