EIP-2026-104498

PRE-CVE

WordPress Plugin Total Upkeep 1.14.9 - Database and Files Backup Download

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-104498. PoCs published by Wadeek.

AI-analyzed exploit summary This writeup describes an information disclosure vulnerability in WordPress Plugin Total Upkeep 1.14.9, where unauthenticated access to sensitive files reveals system details, backup paths, and plugin version.

Description

WordPress Plugin Total Upkeep 1.14.9 - Database and Files Backup Download

Exploits (1)

exploitdb WRITEUP

by Wadeek · textwebappsmultiple

https://www.exploit-db.com/exploits/49252

View Code ZIP pw:eip

This writeup describes an information disclosure vulnerability in WordPress Plugin Total Upkeep 1.14.9, where unauthenticated access to sensitive files reveals system details, backup paths, and plugin version.

Classification

Writeup 90%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: WordPress Plugin Total Upkeep 1.14.9

No auth needed

Prerequisites: Access to the target WordPress site

MITRE ATT&CK

T1592 - Gather Victim Host Information T1119 - Automated Collection

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026