CVE-2025-26779
📋 TL;DR
This path traversal vulnerability in the Keep Backup Daily WordPress plugin allows attackers to download arbitrary files from the server by manipulating file paths. It affects all WordPress sites running Keep Backup Daily version 2.1.0 or earlier. The vulnerability requires authentication but could be exploited by any user with plugin access.
💻 Affected Systems
- Keep Backup Daily WordPress Plugin
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Attackers could download sensitive files including wp-config.php (containing database credentials), .htaccess files, or other configuration files, potentially leading to full site compromise.
Likely Case
Authenticated users could download backup files or configuration files they shouldn't have access to, potentially exposing sensitive information.
If Mitigated
With proper file permissions and web server configuration, impact is limited to files accessible by the web server user.
🎯 Exploit Status
Exploitation requires authenticated access. The vulnerability is publicly documented with technical details available.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 2.1.1 or later
Restart Required: No
Instructions:
1. Log into the WordPress admin panel.
2. Go to Plugins → Installed Plugins.
3. Find 'Keep Backup Daily' and check whether an update is available.
4. Click 'Update Now' if an update is available.
5. Alternatively, download version 2.1.1+ from WordPress.org and update manually.
🔧 Temporary Workarounds
Disable Plugin
Temporarily disable the Keep Backup Daily plugin until it is patched:
wp plugin deactivate keep-backup-daily
Restrict Plugin Access
Limit which users can access the plugin's functionality
🧯 If You Can't Patch
- Remove the plugin entirely if not needed
- Implement strict file permissions and web server restrictions to limit accessible directories
🔍 How to Verify
Check if Vulnerable:
Check WordPress admin panel → Plugins → Installed Plugins → Keep Backup Daily version. If version is 2.1.0 or earlier, you are vulnerable.
Check Version:
wp plugin get keep-backup-daily --field=version
Verify Fix Applied:
After updating, verify the plugin version shows 2.1.1 or later in WordPress admin panel.
📡 Detection & Monitoring
Log Indicators:
- Unusual file download requests to keep-backup-daily endpoints
- Path traversal patterns in URLs (../ sequences)
- Failed attempts to access sensitive files
Network Indicators:
- HTTP requests containing '../' patterns to plugin endpoints
- Unusual file downloads from backup-related URLs
SIEM Query:
source="web_logs" AND (url="*keep-backup-daily*" AND url="*../*")
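The log indicators above can be checked offline against web server access logs. The following is an added example (not from the advisory or the plugin) that flags requests referencing the plugin whose decoded path or query contains a parent-directory segment, including percent- and double-encoded forms; the endpoint path and `file=` parameter in the constructed sample lines are assumptions, since the advisory does not name them.

```python
"""Flag path-traversal attempts against Keep Backup Daily endpoints in
Apache/nginx combined-format access logs. Sample lines are constructed;
the admin.php?page=... endpoint and file= parameter are assumptions."""
import re
from urllib.parse import unquote

PLUGIN_HINT = "keep-backup-daily"  # plugin slug from the advisory

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) \S+" (?P<status>\d{3}) \S+'
)

def fully_decode(s: str, rounds: int = 3) -> str:
    """Percent-decode repeatedly so double-encoded %252e%252e%252f is caught."""
    for _ in range(rounds):
        decoded = unquote(s)
        if decoded == s:
            break
        s = decoded
    return s

def is_traversal(target: str) -> bool:
    """True if the request (path + query) references the plugin and contains a
    '..' segment after decoding; backslashes are normalised to slashes."""
    decoded = fully_decode(target).replace("\\", "/")
    if PLUGIN_HINT not in decoded.lower():
        return False
    return re.search(r"\.\.(/|$)", decoded) is not None

def scan_log(lines):
    """Return (client ip, status, decoded target) for each suspicious line."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if m and is_traversal(m["target"]):
            hits.append((m["ip"], int(m["status"]), fully_decode(m["target"])))
    return hits

SAMPLE_LOG = [  # constructed sample lines, not real traffic
    '203.0.113.5 - - [10/Mar/2025:12:00:01 +0000] "GET /wp-admin/admin.php?page=keep-backup-daily&file=backup-2025.zip HTTP/1.1" 200 5120',
    '203.0.113.9 - - [10/Mar/2025:12:00:02 +0000] "GET /wp-admin/admin.php?page=keep-backup-daily&file=../../wp-config.php HTTP/1.1" 200 3021',
    '203.0.113.9 - - [10/Mar/2025:12:00:03 +0000] "GET /wp-admin/admin.php?page=keep-backup-daily&file=%2e%2e%2f%2e%2e%2f.htaccess HTTP/1.1" 403 0',
    '198.51.100.2 - - [10/Mar/2025:12:00:04 +0000] "GET /blog/../index.php HTTP/1.1" 200 800',
]

if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG):
        print(hit)
```

A 200 status on a flagged line deserves priority, since it indicates the file was actually served rather than blocked.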