CVE-2014-9119
NUCLEIDB Backup plugin <4.5 - Path Traversal
Title source: llmDescription
Directory traversal vulnerability in download.php in the DB Backup plugin 4.5 and earlier for Wordpress allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Ashiyane Digital Security Team · textwebappsphp
https://www.exploit-db.com/exploits/35378
Nuclei Templates (1)
WordPress DB Backup <=4.5 - Local File Inclusion
MEDIUMby dhiyaneshDK
Scores
EPSS
0.5113
EPSS Percentile
97.9%
Details
CWE
CWE-22
Status
published
Products (1)
db_backup_project/db_backup
< 4.5
Published
Dec 31, 2014
Tracked Since
Feb 18, 2026