Skip to main content

Backup And Staging By Wp Time Capsule

2 CVEs product

Monthly

CVE-2026-8996 MEDIUM This Month

Sensitive information exposure in the Backup and Staging by WP Time Capsule WordPress plugin (all versions through 1.22.26) allows authenticated attackers with subscriber-level access to download a previously admin-decrypted SQL database backup via the unprotected `download_recent_decrypted_file_wptc` endpoint. The downloaded backup typically contains WordPress password hashes, user credentials, and site configuration data stored in the `recent_decrypted_file` plugin option. No public exploit code exists at time of analysis, but the vulnerability is conditionally exploitable wherever subscriber-level user registration is enabled and an administrator has recently used the plugin's decrypt function.

Authentication Bypass WordPress Information Disclosure Backup And Staging By Wp Time Capsule
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2024-8856 CRITICAL POC PATCH THREAT Act Now

The Backup and Staging by WP Time Capsule plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the the UploadHandler.php file and no direct file access. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Unrestricted File Upload vulnerability could allow attackers to upload malicious files that can be executed on the server.

RCE WordPress PHP File Upload Backup And Staging By Wp Time Capsule
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
93.7%
EPSS 0% CVSS 6.5
MEDIUM This Month

Sensitive information exposure in the Backup and Staging by WP Time Capsule WordPress plugin (all versions through 1.22.26) allows authenticated attackers with subscriber-level access to download a previously admin-decrypted SQL database backup via the unprotected `download_recent_decrypted_file_wptc` endpoint. The downloaded backup typically contains WordPress password hashes, user credentials, and site configuration data stored in the `recent_decrypted_file` plugin option. No public exploit code exists at time of analysis, but the vulnerability is conditionally exploitable wherever subscriber-level user registration is enabled and an administrator has recently used the plugin's decrypt function.

Authentication Bypass WordPress Information Disclosure +1
NVD
EPSS 94% CVSS 9.8
CRITICAL POC PATCH THREAT Act Now

The Backup and Staging by WP Time Capsule plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the the UploadHandler.php file and no direct file access. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Unrestricted File Upload vulnerability could allow attackers to upload malicious files that can be executed on the server.

RCE WordPress PHP +2
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy