Path Traversal Vulnerability in Keep Backup Daily by Fahad Mahmood
CVE-2025-26779

4.9MEDIUM

Key Information:

Vendor: WordPress
Status: Keep Backup Daily
Vendor: CVE Published:; 16 February 2025

Summary

A Path Traversal vulnerability in the Keep Backup Daily plugin by Fahad Mahmood allows attackers to manipulate file paths, potentially leading to unauthorized access to sensitive files. This issue affects versions from n/a up to 2.1.0, permitting unintended file exposure and overall security concerns within the application.

Affected Version(s)

Keep Backup Daily <= 2.1.0

References

https://patchstack.com/database/wordpress/plugin/keep-bac...

vdb-entry

CVSS V3.1

Score:

4.9

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 16, 2025
Vulnerability Reserved
Feb 14, 2025

Credit

Caesar Evan Santoso (Patchstack Alliance)