Everest Backup – Wordpress Cloud Backup, Migration, Restore & Cloning Plugin
Approved changes feed: RSS · Atom
cpe:2.3:a:everestthemes:everest_backup_–_wordpress_cloud_backup,_migration,_restore_&_cloning_plugin:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Everestthemes (0d257672-dece-5f25-8aeb-b35effe2926a) |
|---|---|
| Product | Everest Backup – Wordpress Cloud Backup, Migration, Restore & Cloning Plugin (f4e82a96-89d3-5b42-bac5-a4b52db1c04d) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-11380 |
vulnerable | 2026-06-08 07:02:28.681595 |
Everest Backup <= 2.3.5 - Missing Authorization to Unauthenticated Information Exposure
MEDIUM (5.9)
The Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'everest_process_status' AJAX action in all versions up to, and including, 2.3.5. This makes it possible for unauthenticated attackers to retrieve back-up file locations that can be subsequently accessed and downloaded. This does require a back-up to be running in order for an attacker to retrieve the back-up location.
Published: 2025-10-11T02:24:52.480Z
Updated: 2026-04-08T17:04:51.324Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-10304 |
vulnerable | 2026-06-08 07:02:26.684451 |
Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin <= 2.3.8 - Missing Authorization to Unauthenticated Backup Failure
MEDIUM (5.3)
The Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the process_status_unlink() function in all versions up to, and including, 2.3.8. This makes it possible for unauthenticated attackers to delete the back-up progress files and cause a back-up to fail while it is in progress.
Published: 2025-12-03T03:27:15.009Z
Updated: 2026-04-08T17:33:49.946Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-10028 |
vulnerable | 2026-06-08 06:22:03.441113 |
Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin <= 2.2.13 - Sensitive Invormation Disclosure via procstat Log
HIGH (7.5)
The Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.2.13 via the exposed process stats file during the backup process. This makes it possible for unauthenticated attackers to obtain an archive file name and download the site's backup.
Published: 2024-11-05T23:28:42.426Z
Updated: 2026-04-08T17:11:16.670Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-52185 |
vulnerable | 2026-06-08 06:17:54.409082 |
WordPress Everest Backup Plugin <= 2.1.9 is vulnerable to Sensitive Data Exposure
MEDIUM (5.3)
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Everestthemes Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin.This issue affects Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin: from n/a through 2.1.9.
Published: 2023-12-31T16:50:39.274Z
Updated: 2026-04-28T16:09:05.802Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.