Unauthenticated Cross Site Request Forgery in pCloud WP Backup by pCloud
CVE-2026-57757
7.1HIGH
What is CVE-2026-57757?
The vulnerability presents an unauthenticated Cross Site Request Forgery (CSRF) in versions of pCloud WP Backup that are 2.0.2 or earlier. This flaw allows attackers to trick users into performing unwanted actions on their behalf without their consent. As a result, unauthorized operations could be executed, potentially compromising the security of WordPress sites utilizing this backup plugin. It is crucial for users to update to the latest version to mitigate the risk associated with this vulnerability.
Affected Version(s)
pCloud WP Backup <= 2.0.2