CVE-2021-47979 – WordPress Plugin Backup and Restore 1.0.3 Arbitrary File Deletion

CVE ID :CVE-2021-47979

Published : May 16, 2026, 4:16 p.m. | 2 hours, 41 minutes ago

Description :WordPress Plugin Backup and Restore 1.0.3 contains an arbitrary file deletion vulnerability that allows authenticated attackers to delete files by manipulating parameters in AJAX requests. Attackers can send POST requests to admin-ajax.php with crafted file_name and folder_name parameters to delete arbitrary files from the WordPress installation directory.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

نوشته های مشابه

CVE-2021-47980 – Fuel CMS 1.4.13 Blind SQL Injection via col Parameter

CVE-2021-47978 – ProcessMaker 3.5.4 Local File Inclusion via Path Traversal

CVE-2021-47977 – WordPress Anti-Malware Security Bruteforce Firewall 4.20.59 Directory Traversal

CVE-2021-47942 – Home Assistant Community Store 1.10.0 Path Traversal Account Takeover