cbcvebase.
CVE-2020-36848
published 2025-07-12

CVE-2020-36848: The Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid plugin for WordPress is vulnerable to Sensitive Information Exposure in all…

PriorityP355high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
EXPLOIT
EPSS
1.09%
61.4th percentile
The Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.14.9 via the env-info.php and restore-info.json files. This makes it possible for unauthenticated attackers to find the location of back-up files and subsequently download them.

Affected

2 ranges
VendorProductVersion rangeFixed in
boldgridtotal_upkeep< 1.14.101.14.10
boldgridtotal_upkeep_wordpress_backup_plugin_plus_restore_migrate_by_boldgrid<= 1.14.9

Detection & IOCsextracted from sources · hover to see the quote

pathenv-info.php
pathrestore-info.json
  • Monitor for unauthenticated HTTP GET requests to env-info.php and restore-info.json on WordPress installations, which are used to enumerate server info and locate backup files.
  • After retrieving restore-info.json, attackers will attempt to download the backup archive file directly. Alert on unauthenticated downloads of backup/archive files from WordPress plugin directories.
  • Credential harvesting follows backup download — monitor for SQL dump files containing wp_users INSERT statements being exfiltrated or accessed externally.
  • ·The vulnerability affects all versions up to and including 1.14.9; version 1.14.10 and above are not affected.
  • ·The sensitive files (env-info.php and restore-info.json) are accessible without authentication, making exploitation trivial for unauthenticated attackers.
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.