CVE-2020-36848
Published 2025-07-12
Priority: P3 (55) · Severity: high · CVSS 3.1 base score: 7.5
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Exploit: public (a Metasploit module is listed in the references below)
EPSS: 1.09% (61.4th percentile)
The Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.14.9 via the env-info.php and restore-info.json files. This makes it possible for unauthenticated attackers to find the location of back-up files and subsequently download them.
Affected (2 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| boldgrid | total_upkeep | < 1.14.10 | 1.14.10 |
| boldgrid | total_upkeep_wordpress_backup_plugin_plus_restore_migrate_by_boldgrid | <= 1.14.9 | — |
Detection & IOCs (extracted from sources)
- Monitor for unauthenticated HTTP GET requests to env-info.php and restore-info.json on WordPress installations; these files are used to enumerate server info and locate backup files.
- After retrieving restore-info.json, attackers will attempt to download the backup archive file directly. Alert on unauthenticated downloads of backup/archive files from WordPress plugin directories.
- Credential harvesting follows backup download: monitor for SQL dump files containing wp_users INSERT statements being exfiltrated or accessed externally.
- The vulnerability affects all versions up to and including 1.14.9; version 1.14.10 and above are not affected.
- The sensitive files (env-info.php and restore-info.json) are accessible without authentication, making exploitation trivial for unauthenticated attackers.
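The detection guidance above, turned into a small log scanner. This is an added example, not code from the advisory, the plugin or the linked sources: it reads web-server access logs in the common combined format, flags every request for env-info.php or restore-info.json (matched by basename, so it still fires if the plugin directory or site path differs), and raises a high-severity alert when the same client downloads an archive shortly after a successful restore-info.json read. The plugin subpaths, the archive name and extensions, and the log lines themselves are constructed assumptions, not observed traffic; a combined-format log cannot show whether a request carried a WordPress session, so every hit on these files is reported.

```python
"""Detect CVE-2020-36848 recon and backup-download activity in access logs.

Added example (not the advisory's or plugin's code). Assumes combined log
format; the plugin subpaths, archive name and extensions, and the sample
lines are constructed for illustration.
"""
import re
from datetime import datetime, timedelta

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\S+)'
)

# Files named in the advisory, matched by basename only.
INFO_FILES = {"env-info.php": "env-info", "restore-info.json": "restore-info"}
# Extensions a downloaded backup is likely to carry (assumption).
ARCHIVE_SUFFIXES = (".zip", ".tar.gz", ".tgz", ".sql", ".sql.gz")

# Constructed sample lines (not real traffic); plugin subpaths are assumed.
SAMPLE_LOG = """\
203.0.113.7 - - [12/Jul/2025:10:01:02 +0000] "GET /wp-content/plugins/boldgrid-backup/cli/env-info.php HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.7 - - [12/Jul/2025:10:01:05 +0000] "GET /wp-content/plugins/boldgrid-backup/cron/restore-info.json HTTP/1.1" 200 301 "-" "Mozilla/5.0"
203.0.113.7 - - [12/Jul/2025:10:01:09 +0000] "GET /wp-content/boldgrid_backup_example/boldgrid-backup-example-20250711.zip HTTP/1.1" 200 48213344 "-" "Mozilla/5.0"
198.51.100.4 - - [12/Jul/2025:10:02:00 +0000] "GET /wp-login.php HTTP/1.1" 200 4123 "-" "Mozilla/5.0"
198.51.100.9 - - [12/Jul/2025:10:03:11 +0000] "GET /wp-content/plugins/boldgrid-backup/cron/restore-info.json HTTP/1.1" 404 153 "-" "curl/8.0"
"""


def parse_line(line):
    """Parse one combined-format line into a dict, or None if it does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["ts"] = datetime.strptime(rec["ts"], "%d/%b/%Y:%H:%M:%S %z")
    rec["status"] = int(rec["status"])
    rec["path"] = rec["path"].split("?", 1)[0]  # drop any query string
    return rec


def classify(path):
    """Return 'env-info', 'restore-info', 'archive' or None for a request path."""
    name = path.rsplit("/", 1)[-1].lower()
    if name in INFO_FILES:
        return INFO_FILES[name]
    if name.endswith(ARCHIVE_SUFFIXES):
        return "archive"
    return None


def analyze(log_text, window=timedelta(minutes=10)):
    """Scan access-log text and return a list of alert dicts, in log order.

    Rules: any GET for env-info.php or restore-info.json is 'medium' when it
    succeeded (the file is exposed) and 'low' when it failed (a probe); an
    archive download by a client that successfully read restore-info.json
    within `window` beforehand is 'high' (likely backup exfiltration).
    """
    alerts = []
    last_restore_info = {}  # ip -> time of last successful restore-info.json read
    for raw in log_text.splitlines():
        rec = parse_line(raw)
        if rec is None or rec["method"] != "GET":
            continue
        kind = classify(rec["path"])
        if kind in ("env-info", "restore-info"):
            exposed = rec["status"] == 200
            alerts.append({
                "ip": rec["ip"], "ts": rec["ts"], "path": rec["path"],
                "severity": "medium" if exposed else "low",
                "reason": f"{kind} {'exposed' if exposed else 'probed'} (CVE-2020-36848 recon)",
            })
            if kind == "restore-info" and exposed:
                last_restore_info[rec["ip"]] = rec["ts"]
        elif kind == "archive" and rec["status"] == 200:
            seen = last_restore_info.get(rec["ip"])
            if seen is not None and timedelta(0) <= rec["ts"] - seen <= window:
                alerts.append({
                    "ip": rec["ip"], "ts": rec["ts"], "path": rec["path"],
                    "severity": "high",
                    "reason": "backup archive downloaded after restore-info.json read",
                })
    return alerts


if __name__ == "__main__":
    for a in analyze(SAMPLE_LOG):
        print(f"[{a['severity']:6}] {a['ip']} {a['ts']:%H:%M:%S} {a['path']} - {a['reason']}")
```

On the constructed sample this yields two medium alerts and one high alert for 203.0.113.7 (env-info read, restore-info read, then the archive download four seconds later) and one low alert for the 404 probe from 198.51.100.9. Successful archive downloads with no preceding restore-info.json read are deliberately not flagged here, since legitimate administrators fetch their own backups; widen the rule if your site never serves archives to anonymous clients.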
References
- Fix changeset in the WordPress plugin repository: https://plugins.trac.wordpress.org/changeset/2439376/boldgrid-backup
- Metasploit module (wp_total_upkeep_downloader): https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/auxiliary/scanner/http/wp_total_upkeep_downloader.rb
- WPScan: https://wpscan.com/vulnerability/d35c19d9-8586-4c5b-9a01-44739cbeee19/
- Wordfence: https://www.wordfence.com/threat-intel/vulnerabilities/id/86a5adaf-02b7-4b42-a048-8bc01f07656b?source=cve