This page lists publicly disclosed CVE vulnerabilities affecting deliciousbrains database_backup (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2022-1577 | The Database Backup for WordPress plugin before 2.5.2 does not have CSRF check in place when updating the schedule backup settings, which could allow an attacker to make a logged in admin change them via a CSRF attack. This could lead to cases where attackers can send backup notification emails to themselves, which contain more details. Or disable the automatic backup schedule | [email protected] | 5.4 | 0.40% | 2022-06-08 | 2024-11-21 |
| CVE-2022-0255 | The Database Backup for WordPress plugin before 2.5.1 does not properly sanitise and escape the fragment parameter before using it in a SQL statement in the admin dashboard, leading to a SQL injection issue | [email protected] | 7.2 | 1.26% | 2022-02-21 | 2024-11-21 |
| CVE-2021-24322 | The Database Backup for WordPress plugin before 2.4 did not escape the backup_recipient POST parameter in before output it back in the attribute of an HTML tag, leading to a Stored Cross-Site Scripting issue. | [email protected] | 5.4 | 0.70% | 2021-06-01 | 2024-11-21 |