Approved changes feed: RSS · Atom

cpe:2.3:a:everestthemes:everest_backup:*:*:*:*:*:wordpress:*:*

part: a version: * update: *

VendorEverestthemes (0d257672-dece-5f25-8aeb-b35effe2926a)
ProductEverest Backup (249b481c-857e-51a6-86dd-31cb2dacc3db)
Edition*
Language*
Software edition*
Target softwarewordpress
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2025-62992 vulnerable 2026-06-08 07:39:17.134122 WordPress Everest Backup plugin <= 2.3.11 - Cross Site Request Forgery (CSRF) vulnerability
MEDIUM (6.5)
Cross-Site Request Forgery (CSRF) vulnerability in everestthemes Everest Backup everest-backup allows Path Traversal.This issue affects Everest Backup: from n/a through <= 2.3.11.
Published: 2025-12-31T08:59:00.974Z
Updated: 2026-04-28T16:14:08.172Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-10028 vulnerable 2026-06-08 06:22:03.439794 Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin <= 2.2.13 - Sensitive Invormation Disclosure via procstat Log
HIGH (7.5)
The Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.2.13 via the exposed process stats file during the backup process. This makes it possible for unauthenticated attackers to obtain an archive file name and download the site's backup.
Published: 2024-11-05T23:28:42.426Z
Updated: 2026-04-08T17:11:16.670Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-7201 vulnerable 2026-06-08 06:21:57.254590 Everest Backup < 2.2.5 - Admin+ Arbitrary File Upload
The Everest Backup WordPress plugin before 2.2.5 does not properly validate backup files to be uploaded, allowing high privilege users such as admin to upload arbitrary files on the server even when they should not be allowed to (for example in multisite setup)
Published: 2024-04-15T05:00:01.572Z
Updated: 2024-08-09T20:01:33.240Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-52185 vulnerable 2026-06-08 06:17:54.409739 WordPress Everest Backup Plugin <= 2.1.9 is vulnerable to Sensitive Data Exposure
MEDIUM (5.3)
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Everestthemes Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin.This issue affects Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin: from n/a through 2.1.9.
Published: 2023-12-31T16:50:39.274Z
Updated: 2026-04-28T16:09:05.802Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.