CVE-2025-14944 | inisev BackupBliss Plugin up to 2.0.0 on WordPress Endpoint initializeOfflineAjax authorization

Inserito da Angelo Barbosa | Apr 7, 2026 | CVE

A vulnerability classified as problematic was found in inisev BackupBliss Plugin up to 2.0.0 on WordPress. Affected is the function initializeOfflineAjax of the component Endpoint. Such manipulation leads to missing authorization.

This vulnerability is listed as CVE-2025-14944. The attack may be performed from remote. There is no available exploit.

CVE-2025-14944 | inisev BackupBliss Plugin up to 2.0.0 on WordPress Endpoint initializeOfflineAjax authorization

Post correlati

CVE-2024-4314 | Hostel Plugin up to 1.1.5.3 on WordPress cross-site request forgery

CVE-2024-3543 | Progress LoadMaster prior 7.2.48.12/7.2.54.10/7.2.59.4 storing passwords in a recoverable format

CVE-2026-33276 | Checkmk up to 2.5.0b1 Unified Search cross site scripting

CVE-2024-45690 | Moodle oauth2 resource injection