Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total2

Critical0

High0

Medium1

Search Severity Year Type Sort Order

Reset

Showing 1-2 of 2 records

Threat Entry Updated 2025-10-06

CVE-2025-10306 - Backup Bolt Plugin

The Backup Bolt plugin for WordPress is vulnerable to arbitrary file downloads and backup location writes in all versions up to, and including, 1.4.1 via the process_backup_batch() function. This makes it possible for authenticated attackers, with Administrator-level access and above, to download directories outside of the webroot and write backup zip files to arbitrary locations.

PLUGIN Backup Bolt

CVE-2025-10306

LOW CVSS 3.8 2025-10-03

Risk Score

Open Full Technical Breakdown

Threat Entry Updated 2025-05-05

CVE-2023-7236 - Backup Bolt Plugin

The Backup Bolt WordPress plugin through 1.3.0 is vulnerable to Information Exposure via the unprotected access of debug logs. This makes it possible for unauthenticated attackers to retrieve the debug log which may contain information like system errors which could contain sensitive information.

PLUGIN Backup Bolt

CVE-2023-7236

MEDIUM CVSS 4.7 2024-03-18

Risk Score

Open Full Technical Breakdown

Blog

"Prevention is cheaper than a breach"

Threat Database

CVE-2025-10306 - Backup Bolt Plugin

CVE-2023-7236 - Backup Bolt Plugin

Company Links

Contact Us