Authorization Bypass Vulnerability in Database Backup for WordPress Plugin by WordPress
CVE-2026-4031

7.5HIGH

Key Information:

Vendor: WordPress
Status: Database Backup For WordPress
Vendor: CVE Published:; 14 May 2026

What is CVE-2026-4031?

The Database Backup for WordPress plugin is susceptible to an authorization bypass vulnerability that allows unauthenticated attackers to manipulate the wp_db_temp_dir parameter. This oversight permits attackers to redirect database backups to publicly accessible directories, such as wp-content/uploads/. Once the backup is triggered, they can intercept sensitive files that may include database credentials, user password hashes, and personally identifiable information. This situation arises primarily when site administrators have active scheduled backups configured, thus increasing the risk of data exposure significantly.

Affected Version(s)

Database Backup for WordPress 0 <= 2.5.2

References

https://www.wordfence.com/threat-intel/vulnerabilities/id...

https://plugins.trac.wordpress.org/browser/wp-db-backup/t...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 14, 2026
Vulnerability Reserved
Mar 12, 2026

Credit

Drew Webber

CVE-2026-4031 Data

JSON