WP Database Backup – Unlimited Database & Files Backup by Backup for WP

Vulnerabilities 19Slug wp-database-backupLatest version 7.10WordPress.org →

Minimum safe version

7.4

Update to 7.4 or later to address 19 fixable vulnerabilities

Latest available7.10 ✓

Critical 9.8

2025-07-25< 5.2

CVE-2019-25224

CVE

High 7.5

2025-01-09< 7.4

CVE-2024-12330

CVE Patchstack Wordfence

N/A

< 3.4

WP Database Backup <= 3.3 - Authenticated Stored Cross-Site Scripting (XSS)

WPScan

N/A

< 4.3.6

WP Database Backup <= 4.3.5 - Cross-Site Request Forgery (CSRF)

WPScan

N/A

< 5.2

WP Database Backup <= 5.1.2 - Unauthenticated OS Command Injection

WPScan

N/A

2015-08-20< 3.4

WP Database Backup < 3.4 - Authenticated Stored Cross-Site Scripting

Wordfence

N/A

2016-10-21< 4.3.6

WP Database Backup <= 4.3.5 - Cross-Site Request Forgery

Wordfence

N/A

2019-03-24< 5.1.3

WP Database Backup <= 5.1.2 - Unauthenticated Settings Update to Remote Code Execution

Wordfence

N/A

2019-04-24< 5.2

WP Database Backup < 5.2 - Unauthenticated OS Command Injection

Wordfence

N/A

2022-08-09< 5.9

WP Database Backup <= 5.9 - Authenticated (Admin+) Stored Cross-Site Scripting

Wordfence

Medium 4.8

2022-09-05< 5.9

CVE-2022-2271

CVE Patchstack Wordfence Wordfence WPScan

N/A

2015-08-20< 3.4

WordPress Database Backup Plugin <= 3.3 - Stored Cross-Site Scripting

Patchstack

N/A

2019-05-29< 5.2

WordPress WP Database Backup plugin <= 5.1.2 - Unauthenticated OS Command Injection vulnerability

Patchstack

Medium 6.1

2019-08-12< 5.1.2

CVE-2019-14949

CVE Wordfence WPScan

High 8.8

2019-08-12< 4.3.1

CVE-2016-10876

CVE Wordfence

Medium 6.1

2019-08-12< 4.3.1

CVE-2016-10875

CVE Wordfence WPScan

High 8.8

2019-08-12< 4.3.3

CVE-2016-10874

CVE Wordfence WPScan

Medium 6.1

2019-08-12< 4.3.3

CVE-2016-10873

CVE Wordfence

High 7.5

2020-02-06< 5.5.1

WP Database Backup <= 5.5 - Unauthenticated Information Disclosure

Wordfence CVE