Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin

Vulnerabilities 9Slug everest-backupLatest version 2.3.11WordPress.org →

Minimum safe version

2.3.9

Update to 2.3.9 or later to address 8 fixable vulnerabilities

Latest available2.3.11 ✓⚠ 1 vulnerability has no fix

High 8.1 Unfixed

2025-12-31≤ 2.3.11

WordPress Everest Backup plugin <= 2.3.11 - Cross Site Request Forgery (CSRF) vulnerability

Medium 5.3

2025-12-03< 2.3.9

CVE-2025-10304

Medium 5.3

2025-10-27< 2.3.9

CVE-2025-62946

Medium 5.9

2025-10-11< 2.3.6

CVE-2025-11380

Medium 4.3

2025-06-06< 2.3.4

CVE-2025-49238

High 7.5

2024-11-05< 2.2.14

CVE-2024-10028

Medium 6.5

2024-04-15< 2.2.5

CVE-2023-7201

Medium 5.3

2024-12-29< 2.2.0

WordPress Everest Backup Plugin <= 2.1.9 is vulnerable to Sensitive Data Exposure

N/A

< 1.0.8

Everest Backup <= 1.0.7 - Missing Authorization Checks on Backup Exports