CVE-2015-10134 – WordPress Simple Backup Arbitrary File Download Vulnerability

CVE ID : CVE-2015-10134

Published : July 19, 2025, 10:15 a.m. | 31 minutes ago

Description : The Simple Backup plugin for WordPress is vulnerable to Arbitrary File Download in versions up to, and including, 2.7.10. via the download_backup_file function. This is due to a lack of capability checks and file type validation. This makes it possible for attackers to download sensitive files such as the wp-config.php file from the affected site.

Severity: 7.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…