CVE-2026-1311

HIGH

Worry Proof Backup Plugin <0.2.4 - Path Traversal


Exploitation Summary

EIP tracks 2 public exploits for CVE-2026-1311. PoCs published by XiaomingX, hacker1337itme.

AI-analyzed exploit summary: This repository contains a functional exploit for CVE-2026-1311, targeting a path traversal vulnerability in the Worry Proof Backup WordPress plugin (versions ≤ 0.2.4). The exploit includes a ZIP payload generator and an automated script to achieve remote code execution (RCE) via malicious file uploads.

Description

The Worry Proof Backup plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 0.2.4 via the backup upload functionality. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload a malicious ZIP archive with path traversal sequences to write arbitrary files anywhere on the server, including executable PHP files. This can lead to remote code execution.

Exploits (2)

github WORKING POC 10 stars
by XiaomingX · python · poc
https://github.com/XiaomingX/data-cve-poc-py-v1/tree/main/2026/CVE-2026-1311

This repository contains a functional exploit for CVE-2026-1311, targeting a path traversal vulnerability in the Worry Proof Backup WordPress plugin (versions ≤ 0.2.4). The exploit includes a ZIP payload generator and an automated script to achieve remote code execution (RCE) via malicious file uploads.

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Worry Proof Backup WordPress Plugin ≤ 0.2.4
Auth required
Prerequisites: WordPress site with vulnerable plugin · Subscriber-level credentials · Ability to upload ZIP files
devstral-2 · analyzed Mar 14, 2026
nomisec WORKING POC
by hacker1337itme · poc
https://github.com/hacker1337itme/CVE-2026-1311

This repository contains a functional exploit for CVE-2026-1311, targeting a path traversal vulnerability in the Worry Proof Backup WordPress plugin (≤ 0.2.4). The exploit includes a ZIP payload generator and an automated script to achieve remote code execution via malicious file uploads.

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Worry Proof Backup WordPress Plugin ≤ 0.2.4
Auth required
Prerequisites: WordPress site with vulnerable plugin · Subscriber-level credentials
devstral-2 · analyzed Mar 13, 2026

Scores

CVSS v3 8.8
EPSS 0.0073
EPSS Percentile 49.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE: CWE-22
Status: published
Products (1)
bearsthemes/Worry Proof Backup < 0.2.4
Published Feb 26, 2026
Tracked Since Feb 26, 2026