Description
The Database Toolset plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.8.4 via backup files stored in a publicly accessible location. This makes it possible for unauthenticated attackers to extract sensitive data from database backup files. An index file is present, so a brute force attack would need to be successful in order to compromise any data.
Published: 2025-05-03
Score: 5.9 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Sensitive Information Exposure
Action: Assess Impact
AI Analysis

Impact

The Database Toolset WordPress plugin stores database backup files in a publicly accessible location, allowing an unauthenticated attacker who knows a backup's file name to read it. This is a classic case of sensitive information exposure (CWE-200): a backup may contain the entire database, including configuration data, user credentials, and other confidential information. The impact is a loss of confidentiality, potentially leading to data leaks or further compromise if the attacker uses the backup contents in subsequent attacks.

Affected Systems

The affected product is neoslab's Database Toolset plugin for WordPress, in all releases up to and including version 1.8.4. Users running those versions should verify the installed version and upgrade if possible.

Risk and Exploitability

The CVSS score of 5.9 indicates moderate severity. The EPSS score is below 1%, suggesting a low probability of exploitation at the time of analysis, and the vulnerability is not listed in CISA's KEV catalog. Because an index file is present, the backup directory cannot simply be listed: an attacker must know the exact backup file name, and discovering it would require a successful brute-force search. The attack vector is remote and unauthenticated, and the attack relies on file disclosure. While exploitation is technically straightforward once a file is located, the difficulty of discovering the file path (the AC:H component of the CVSS vector) keeps the overall risk moderate.

Generated by OpenCVE AI on April 20, 2026 at 22:58 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the Database Toolset plugin to version 1.8.5 or later as soon as a fix is available.
  • Move all backup directories to a non‑publicly accessible location and secure them with proper file permissions (e.g., 700) to prevent direct downloads.
  • Delete or restrict access to any existing backup files, including the index file, and revoke any exposed URLs through web server configuration (e.g., .htaccess or Nginx deny rules).
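The permission and web-server steps in the recommended actions above, written out as an added shell example (this is not code from OpenCVE, Wordfence, or the plugin). The backup directory path and URI are placeholders, because the page does not state where Database Toolset writes its backups; the script makes a directory owner-only, drops an Apache deny-all `.htaccess` into it, prints an equivalent Nginx snippet, and verifies the result.

```shell
#!/bin/sh
# Added example (not OpenCVE's or the plugin's code): lock down a WordPress
# backup directory so its contents can neither be fetched over HTTP nor read
# by other local users. Paths and URIs below are placeholders.

# Make a backup directory owner-only and deny all HTTP access to it under Apache.
harden_backup_dir() {
    dir="$1"
    [ -d "$dir" ] || { echo "not a directory: $dir" >&2; return 1; }

    # Owner-only permissions on the directory and on every file inside it
    # (the recommended 700 for the directory, 600 for the backups).
    chmod 700 "$dir"
    find "$dir" -type f -exec chmod 600 '{}' +

    # Apache per-directory rule: deny every request, whatever the file name,
    # so guessing a backup name no longer helps. Covers 2.4 and 2.2 syntax.
    cat > "$dir/.htaccess" <<'EOF'
<IfModule mod_authz_core.c>
    Require all denied
</IfModule>
<IfModule !mod_authz_core.c>
    Order deny,allow
    Deny from all
</IfModule>
EOF
    chmod 600 "$dir/.htaccess"
}

# Nginx reads no per-directory files, so print a server-block snippet for the
# site configuration instead. The default URI is a placeholder.
nginx_deny_snippet() {
    uri="${1:-/wp-content/PLACEHOLDER-backup-dir/}"
    printf 'location ^~ %s {\n    deny all;\n}\n' "$uri"
}

# Verify the hardening: owner-only directory, deny rule present, and no
# world-readable file left inside. Returns 0 only when every check passes.
check_backup_dir() {
    dir="$1"
    perms=$(ls -ld "$dir" | cut -c1-10)
    [ "$perms" = "drwx------" ] || return 1
    grep -q 'Require all denied' "$dir/.htaccess" 2>/dev/null || return 1
    [ -z "$(find "$dir" -type f -perm -004)" ] || return 1
    return 0
}

# Usage: sh harden_backups.sh /path/to/backup/dir
if [ -n "${1:-}" ]; then
    harden_backup_dir "$1" && check_backup_dir "$1" && echo "hardened: $1"
    nginx_deny_snippet
fi
```

The directory permission only helps if the web server user is not the directory's owner or if the directory is outside the document root altogether; the `.htaccess` rule is what blocks a correctly guessed file name over HTTP, so apply both, and for Nginx paste the printed `location` block into the server configuration and reload.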

Advisories
Source: EUVD
ID: EUVD-2025-13308
Title: The Database Toolset plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.8.4 via backup files stored in a publicly accessible location. This makes it possible for unauthenticated attackers to extract sensitive data from database backup files. An index file is present, so a brute force attack would need to be successful in order to compromise any data.
History

Tue, 13 May 2025 18:00:00 +0000
  Type: References

Mon, 05 May 2025 15:15:00 +0000
  Type: Metrics (ssvc)
  Values added: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Sat, 03 May 2025 02:30:00 +0000
  Type: Description
  Values added: The Database Toolset plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.8.4 via backup files stored in a publicly accessible location. This makes it possible for unauthenticated attackers to extract sensitive data from database backup files. An index file is present, so a brute force attack would need to be successful in order to compromise any data.
  Type: Title
  Values added: Database Toolset <= 1.8.4 - Unauthenticated Sensitive Information Exposure via Backup Files
  Type: Weaknesses
  Values added: CWE-200
  Type: References
  Type: Metrics (cvssV3_1)
  Values added: {'score': 5.9, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N'}

MITRE

Status: PUBLISHED

Assigner: Wordfence

Published:

Updated: 2026-04-08T17:34:20.546Z

Reserved: 2025-05-02T13:15:21.042Z

Link: CVE-2025-4222

Vulnrichment

Updated: 2025-05-05T14:40:34.352Z

NVD

Status: Deferred

Published: 2025-05-03T03:15:29.217

Modified: 2026-04-15T00:35:42.020

Link: CVE-2025-4222

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-20T23:00:14Z

Weaknesses