CVE-2026-4029

Name of the Vulnerable Software and Affected Versions Database Backup for WordPress versions prior to 2.5.3

Description The plugin fails to properly enforce the return value of its authorization check, allowing unauthenticated attackers to export database tables. This leads to sensitive information exposure. This issue is only exploitable in WordPress Multisite environments where the deprecated is site admin() function exists.

Recommendations Update to a version later than 2.5.2.