What the vulnerability does
01Description
The Backup Bolt plugin for WordPress is vulnerable to arbitrary file downloads and backup location writes in all versions up to, and including, 1.4.1 via the process_backup_batch() function. This makes it possible for authenticated attackers, with Administrator-level access and above, to download directories outside of the webroot and write backup zip files to arbitrary locations.
Explanation of Vulnerability in Simple Terms
02Summary
Backup Bolt versions up to 1.4.1 contain a flaw that allows authenticated administrators to read sensitive information and modify data on the site. The vulnerability requires high-level privileges and does not affect availability. A patch status is unknown; administrators should contact the vendor for guidance on remediation.
What an attacker can do
03Attacker Capabilities
Read sensitive data and modify site content if they have admin-level access.
Potential impact on your site
04Site Impact
Compromised admin accounts could leak data or alter backups and site configuration.
Conditions required to exploit
05Prerequisites
Attacker must have high-level administrative privileges on the site.
Key dates
06Disclosure timeline
October 3, 2025
CVE published
April 8, 2026
Record updated