CVE-2026-4029

HIGH

Database Backup for WordPress <= 2.5.2 - Missing Authorization to Unauthenticated Database Export

Title source: cna

Description

The Database Backup for WordPress plugin for WordPress is vulnerable to unauthorized database export in all versions up to, and including, 2.5.2. This is due to the plugin not properly enforcing the return value of its authorization check. This makes it possible for unauthenticated attackers to export database tables, leading to Sensitive Information Exposure. Note: This vulnerability is only exploitable in WordPress Multisite environments where the deprecated is_site_admin() function exists.

References (5)

Core 5

Core References

https://www.wordfence.com/threat-intel/vulnerabilities/id/d4a21d0d-f455-4901-a04b-13c891cf8f75?source=cve

https://plugins.trac.wordpress.org/browser/wp-db-backup/tags/2.5.2/wp-db-backup.php#L1623

https://plugins.trac.wordpress.org/browser/wp-db-backup/trunk/wp-db-backup.php#L1632

https://plugins.trac.wordpress.org/browser/wp-db-backup/trunk/wp-db-backup.php#L153

https://plugins.trac.wordpress.org/changeset/3510595/

Scores

CVSS v3 7.5

EPSS 0.0029

EPSS Percentile 20.1%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-862

Status published

Products (1)

wpengine/Database Backup for WordPress < 2.5.2

Published May 14, 2026

Tracked Since May 14, 2026