浏览 52+ 条来自 NVD 与 CNNVD 的 CVE 漏洞,配 AI 中文翻译、AI POC 生成、每日情报;可按厂商、产品、严重等级、CWE 检索。
| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-6227 | BackWPup <= 5.6.6 - Authenticated (Administrator+) Local File Inclusion via 'block_name' Parameter | wp_media | BackWPup – WordPress Backup & Restore Plugin | High | 7.2 | 2026-04-14 02:25:48 | Deep Dive |
| CVE-2026-4305 | Royal WordPress Backup & Restore Plugin <= 1.0.16 - Reflected Cross-Site Scripting via 'wpr_pending_template' Parameter | wproyal | Royal WordPress Backup, Restore & Migration Plugin – Backup WordPress Sites Safely | Medium | 6.1 | 2026-04-10 01:25:01 | Deep Dive |
| CVE-2025-15041 | BackWPup <= 5.6.2 - Authenticated (BackWPup Helper+) Privilege Escalation via Arbitrary Options Update | wp_media | BackWPup – WordPress Backup & Restore Plugin | High | 7.2 | 2026-02-19 04:36:08 | Deep Dive |
| CVE-2023-53907 | Bludit 3.13.1 Authenticated Arbitrary File Download via Backup Plugin | Bludit | Backup Plugin | Medium | 6.5 | 2025-12-17 22:44:46 | Deep Dive |
| CVE-2025-10304 | Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin <= 2.3.8 - Missing Authorization to Unauthenticated Backup Failure | everestthemes | Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin | Medium | 5.3 | 2025-12-03 03:27:15 | Deep Dive |
| CVE-2025-10579 | BackWPup <= 5.5.0 - Missing Authorization to Sensitive Information Exposure | wp_media | BackWPup – WordPress Backup & Restore Plugin | Medium | 5.3 | 2025-10-25 04:22:44 | Deep Dive |
| CVE-2025-11380 | Everest Backup <= 2.3.5 - Missing Authorization to Unauthenticated Information Exposure | everestthemes | Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin | Medium | 5.9 | 2025-10-11 02:24:52 | Deep Dive |
| CVE-2025-9993 | Bei Fen – WordPress Backup Plugin <= 1.4.2 - Authenticated (Subscriber+) Local File Inclusion | d3rd4v1d | Bei Fen – WordPress Backup Plugin | High | 8.1 | 2025-09-30 03:35:27 | Deep Dive |
| CVE-2020-36848 | Total Upkeep by BoldGrid <= 1.14.9 - Unauthenticated Backup Download | boldgrid | Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid | High | 7.5 | 2025-07-12 11:23:40 | Deep Dive |
| CVE-2025-3104 | WP Staging Pro <= 6.1.2 - Unauthenticated Information Exposure via getOutdatedPluginsRequest Function | WPStaging | WP STAGING Pro WordPress Backup Plugin | Medium | 5.3 | 2025-04-16 08:22:17 | Deep Dive |
| CVE-2025-2257 | Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid <= 1.16.10 - Authenticated (Admin+) Command Injection | boldgrid | Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid | High | 7.2 | 2025-03-26 08:21:50 | Deep Dive |
| CVE-2025-24832 | Acronis Backup plugin for cPanel & WHM (Linux)和Acronis Backup extension for Plesk (Linux) 安全漏洞 | Acronis | Acronis Backup plugin for cPanel & WHM | 中危 | - | 2025-02-27 23:00:17 | Deep Dive |
| CVE-2024-13907 | Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid <= 1.16.8 - Authenticated (Administrator+) Server-Side Request Forgery | boldgrid | Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid | Medium | 4.9 | 2025-02-27 06:48:39 | Deep Dive |
| CVE-2025-0215 | UpdraftPlus - Backup/Restore <= 1.24.12 - Reflected Cross-Site Scripting | davidanderson | UpdraftPlus: WP Backup & Migration Plugin | Medium | 6.1 | 2025-01-15 22:23:33 | Deep Dive |
| CVE-2024-10957 | UpdraftPlus: WP Backup & Migration Plugin 1.23.8 - 1.24.11 - Unauthenticated PHP Object Injection | davidanderson | UpdraftPlus: WP Backup & Migration Plugin | High | 8.8 | 2025-01-04 13:41:08 | Deep Dive |
| CVE-2023-28165 | WordPress Backup Bank: WordPress Backup Plugin plugin <= 4.0.28 - Broken Access Control vulnerability | Varun Sharma | Backup Bank: WordPress Backup Plugin | Medium | 4.3 | 2024-12-09 11:31:20 | Deep Dive |
| CVE-2024-9461 | Total Upkeep <= 1.16.6 - Authenticated (Administrator+) Remote Code Execution via Backup Settings | boldgrid | Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid | High | 7.2 | 2024-11-26 13:56:54 | Deep Dive |
| CVE-2024-34015 | Acronis Backup plugin for cPanel & WHM (Linux) 安全漏洞 | Acronis | Acronis Backup plugin for cPanel & WHM | 低危 | - | 2024-11-11 13:21:00 | Deep Dive |
| CVE-2024-34014 | Acronis多款产品 安全漏洞 | Acronis | Acronis Backup plugin for cPanel & WHM | 中危 | - | 2024-11-11 13:20:34 | Deep Dive |
| CVE-2024-10028 | Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin <= 2.2.13 - Sensitive Invormation Disclosure via procstat Log | everestthemes | Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin | High | 7.5 | 2024-11-05 23:28:42 | Deep Dive |