CVE-2025-3104

Name of the Vulnerable Software and Affected Versions WP STAGING Pro WordPress Backup plugin versions up to and including 6.1.2

Description The issue concerns the exposure of information due to missing capability checks in the getOutdatedPluginsRequest() function. This allows unauthenticated attackers to reveal installed, active or inactive, outdated plugins.

Recommendations For WP STAGING Pro WordPress Backup plugin versions up to and including 6.1.2, update to a version later than 6.1.2 to resolve the issue. As a temporary workaround, consider disabling the getOutdatedPluginsRequest() function until a patch is available.