[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fEUou8YatXvS6EXUWvadFgG5FVfB_S7a3nrI2FvxeEm0":3},{"slug":4,"name":5,"version":6,"author":5,"author_profile":7,"description":8,"short_description":9,"active_installs":10,"downloaded":11,"rating":12,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":75,"crawl_stats":37,"alternatives":82,"analysis":170,"fingerprints":329},"backup-bolt","Backup Bolt","1.5.0","https:\u002F\u002Fprofiles.wordpress.org\u002Fbackupbolt\u002F","\u003Cp>Backup Bolt is the easiest and simplest one click backup plugin you could ever find!. Now take a custom backup with minimal storage consumption or backup your full WordPress site with a click of button!. Clutter free straight forward interface. Download backup with zip compression.\u003C\u002Fp>\n\u003Ch3>BACKUP FEATURES\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Super easy backup interface\u003C\u002Fli>\n\u003Cli>Custom backup for minimal storage consumption\u003C\u002Fli>\n\u003Cli>Full WordPress backup\u003C\u002Fli>\n\u003Cli>Backup size v\u002Fs Free memory calculation\u003C\u002Fli>\n\u003Cli>PCLZIP based faster backup process\u003C\u002Fli>\n\u003Cli>Realtime process logging during backup\u003C\u002Fli>\n\u003Cli>Generate large backups within seconds\u003C\u002Fli>\n\u003Cli>Download the backup in zip format\u003C\u002Fli>\n\u003Cli>Backups are auto deleted daily for storage consumption\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Show Your Support\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Rate Plugin – If you find this plugin useful, please leave a \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fbackup-bolt\u002Freviews\u002F\" rel=\"ugc\">positive review\u003C\u002Fa>. Your reviews are our biggest motivation for further development of the plugin.\u003C\u002Fli>\n\u003Cli>Submit a Bug – If you find any issue, please submit a bug via support forum.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Thanks to \u003Ca href=\"https:\u002F\u002Fsweetalert2.github.io\u002F\" rel=\"nofollow ugc\">SweetAlert2\u003C\u002Fa> for beautiful alert box script.\u003C\u002Fp>\n","Super simple one click backup your site and download the backup in compressed zip format. Choose between custom or full WordPress backup.",900,17597,94,13,"2025-10-05T14:23:00.000Z","6.8.5","4.0","5.6",[19,20,21,22,23],"backup","backups","download-backup","restore","zip-backup","https:\u002F\u002Fbackupbolt.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbackup-bolt.1.5.0.zip",76,3,1,"2025-10-02 00:00:00","2026-03-15T15:16:48.613Z",[32,47,60],{"id":33,"url_slug":34,"title":35,"description":36,"plugin_slug":4,"theme_slug":37,"affected_versions":38,"patched_in_version":6,"severity":39,"cvss_score":40,"cvss_vector":41,"vuln_type":42,"published_date":29,"updated_date":43,"references":44,"days_to_patch":46},"CVE-2025-10306","backup-bolt-authenticated-admin-arbitrary-file-download","Backup Bolt \u003C= 1.4.1 - Authenticated (Admin+) Arbitrary File Download","The Backup Bolt plugin for WordPress is vulnerable to arbitrary file downloads and backup location writes in all versions up to, and including, 1.4.1 via the process_backup_batch() function. This makes it possible for authenticated attackers, with Administrator-level access and above, to download directories outside of the webroot and write backup zip files to arbitrary locations.",null,"\u003C=1.4.1","low",3.8,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:H\u002FUI:N\u002FS:U\u002FC:L\u002FI:L\u002FA:N","External Control of File Name or Path","2025-10-10 21:05:28",[45],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F63f38644-a021-407a-9882-2c8435849c08?source=api-prod",9,{"id":48,"url_slug":49,"title":50,"description":51,"plugin_slug":4,"theme_slug":37,"affected_versions":38,"patched_in_version":37,"severity":52,"cvss_score":53,"cvss_vector":54,"vuln_type":55,"published_date":56,"updated_date":57,"references":58,"days_to_patch":37},"CVE-2025-49040","backup-bolt-cross-site-request-forgery","Backup Bolt \u003C= 1.4.1 - Cross-Site Request Forgery","The Backup Bolt plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4.1. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to perform an unauthorized action granted they can trick a site administrator into performing an action such as clicking on a link.","medium",4.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Cross-Site Request Forgery (CSRF)","2025-08-19 00:00:00","2025-08-25 18:03:35",[59],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F43790bc7-23ff-48b1-bf49-bf13cf184bd1?source=api-prod",{"id":61,"url_slug":62,"title":63,"description":64,"plugin_slug":4,"theme_slug":37,"affected_versions":65,"patched_in_version":66,"severity":52,"cvss_score":67,"cvss_vector":68,"vuln_type":69,"published_date":70,"updated_date":71,"references":72,"days_to_patch":74},"CVE-2023-7236","backup-bolt-sensitive-information-exposure","Backup Bolt \u003C= 1.3.0 - Sensitive Information Exposure","The Backup Bolt plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.3.0 via error log file. This makes it possible for unauthenticated attackers to obtain information about an affected site's configuration, files and directories.","\u003C=1.3.0","1.4.0",5.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:L\u002FI:N\u002FA:N","Exposure of Sensitive Information to an Unauthorized Actor","2024-02-20 00:00:00","2024-03-11 09:05:52",[73],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F440e2618-5b45-4bad-8a97-2fb1a6e991ea?source=api-prod",20,{"slug":76,"display_name":5,"profile_url":7,"plugin_count":77,"total_installs":10,"avg_security_score":78,"avg_patch_time_days":79,"trust_score":80,"computed_at":81},"backupbolt",2,84,15,83,"2026-04-04T09:50:14.572Z",[83,106,125,137,154],{"slug":84,"name":85,"version":86,"author":87,"author_profile":88,"description":89,"short_description":90,"active_installs":91,"downloaded":92,"rating":12,"num_ratings":93,"last_updated":94,"tested_up_to":95,"requires_at_least":96,"requires_php":97,"tags":98,"homepage":101,"download_link":102,"security_score":103,"vuln_count":28,"unpatched_count":104,"last_vuln_date":105,"fetched_at":30},"wp-health","WP Umbrella: Update Backup Restore & Monitoring","2.22.0","WP Umbrella - Backup WordPress","https:\u002F\u002Fprofiles.wordpress.org\u002Fwphealth\u002F","\u003Cp>WP Umbrella empowers agencies and WordPress developers to master WordPress maintenance, and manage multiple sites effortlessly. Key features include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Dashboard: Monitor, update, and backup all your sites from a single dashboard.\u003C\u002Fli>\n\u003Cli>Automated Cloud Backup: Secured, incremental backup with GDPR compliance, ensuring your data’s safety and easy backup restoration. WP Umbrella provide with GDPR Backup.\u003C\u002Fli>\n\u003Cli>One-Click Updates: Update core, themes, and plugins, maintaining security and performance. Update Rollback available. Exclude update and ignore updates too.\u003C\u002Fli>\n\u003Cli>Uptime Monitoring: Stay informed with alerts on uptime, downtime, and site performance, including Google Page Speed monitoring.\u003C\u002Fli>\n\u003Cli>Error Tracking: Monitor PHP errors to maintain a safe website.\u003C\u002Fli>\n\u003Cli>Security monitoring: monitor vulnerabilities and security metrics.\u003C\u002Fli>\n\u003Cli>Reports: automate your reporting on update, GDPR backup, uptime, etc.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>WP Umbrella is the best alternative to ManageWP, MainWP, WP Remote, InfiniteWP.\u003C\u002Fp>\n\u003Ch3>WordPress Management Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Multiple Sites Management: manage and log into your WordPress sites with a unified dashboard.\u003C\u002Fli>\n\u003Cli>Update Management: Bulk update plugins, and themes in 1-click. Rollback included.\u003C\u002Fli>\n\u003Cli>Backup and Restoration: automated and scheduled backups. Backup WordPress now!\u003C\u002Fli>\n\u003Cli>Comprehensive Monitoring: From uptime to WordPress errors.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Premium \u002F Freemium\u003C\u002Fh4>\n\u003Cp>Create an account and enjoy 14 day trial with all features (backup, uptime monitoring, safe update, etc). Then you only have access to our health check.\u003C\u002Fp>\n","Everything you need to sell WordPress maintenance and manage multiple sites effortlessly: backup, update, uptime monitoring, and security.",60000,1096555,61,"2026-03-11T12:36:00.000Z","7.0","5.8","7.4",[19,20,99,22,100],"monitoring","update","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-health.v2.22.0.zip",97,0,"2024-12-07 16:24:56",{"slug":107,"name":108,"version":109,"author":110,"author_profile":111,"description":112,"short_description":113,"active_installs":114,"downloaded":115,"rating":116,"num_ratings":77,"last_updated":117,"tested_up_to":118,"requires_at_least":119,"requires_php":101,"tags":120,"homepage":122,"download_link":123,"security_score":124,"vuln_count":104,"unpatched_count":104,"last_vuln_date":37,"fetched_at":30},"automatic-wordpress-backup","Automatic WordPress Backup","2.0.3","DanCoulter","https:\u002F\u002Fprofiles.wordpress.org\u002Fdancoulter\u002F","\u003Cp>Using this plugin, you can easily and automatically backup important parts of\u003Cbr \u002F>\nyour WordPress install to Amazon S3.  Amazon S3 is an extremely cheap service\u003Cbr \u002F>\nthat is easy to set up.  For pennies a month, you can make sure that your\u003Cbr \u002F>\nimportant files will be kept safe.\u003C\u002Fp>\n\u003Cp>Important caveat: this plugin currently has to be run on a linux server.\u003Cbr \u002F>\nAlso, the wp-content\u002Fuploads folder has to be server-writable or it won’t be\u003Cbr \u002F>\nable to create the zips for backup.\u003C\u002Fp>\n\u003Cp>For full info and installation instructions, visit http:\u002F\u002Fwww.webdesigncompany.net\u002Fautomatic-wordpress-backup\u002F\u003C\u002Fp>\n","Automatically back up important bits of your WordPress install to Amazon S3.",300,53087,100,"2010-08-11T07:37:00.000Z","3.0.5","2.8",[121],"backup-automatic-s3-zip-backups-scheduled","http:\u002F\u002Fwww.webdesigncompany.net\u002Fautomatic-wordpress-backup\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fautomatic-wordpress-backup.2.0.3.zip",85,{"slug":126,"name":127,"version":128,"author":110,"author_profile":111,"description":129,"short_description":113,"active_installs":130,"downloaded":131,"rating":104,"num_ratings":104,"last_updated":132,"tested_up_to":133,"requires_at_least":119,"requires_php":101,"tags":134,"homepage":135,"download_link":136,"security_score":124,"vuln_count":104,"unpatched_count":104,"last_vuln_date":37,"fetched_at":30},"wp-s3-backups","WP S3 Backups","0.3.0","\u003Cp>Using this plugin, you can easily and automatically backup important parts of\u003Cbr \u002F>\nyour WordPress install to Amazon S3.  Amazon S3 is an extremely cheap service\u003Cbr \u002F>\nthat is easy to set up.  For pennies a month, you can make sure that your\u003Cbr \u002F>\nimportant files will be kept safe.\u003C\u002Fp>\n\u003Cp>Important caveat: this plugin currently has to be run on a linux server.\u003Cbr \u002F>\nAlso, the wp-content\u002Fuploads folder has to be server-writable or it won’t be\u003Cbr \u002F>\nable to create the zips for backup.\u003C\u002Fp>\n",30,7638,"2009-12-14T09:17:00.000Z","2.9.2",[121],"http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fwp-s3-backups\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-s3-backups.0.3.0.zip",{"slug":138,"name":139,"version":140,"author":139,"author_profile":141,"description":142,"short_description":143,"active_installs":144,"downloaded":145,"rating":116,"num_ratings":77,"last_updated":146,"tested_up_to":147,"requires_at_least":148,"requires_php":97,"tags":149,"homepage":152,"download_link":153,"security_score":116,"vuln_count":104,"unpatched_count":104,"last_vuln_date":37,"fetched_at":30},"siteskite","SiteSkite","1.2.11","https:\u002F\u002Fprofiles.wordpress.org\u002Fsiteskite\u002F","\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.siteskite.com\u002F\" rel=\"nofollow ugc\">SiteSkite\u003C\u002Fa>\u003C\u002Fstrong> is a next-generation WordPress management platform built for agencies, developers, and site owners who manage multiple websites.\u003C\u002Fp>\n\u003Cp>Unlike traditional management plugins, SiteSkite goes beyond updates and backups. It allows you to \u003Cstrong>create new websites from backups\u003C\u002Fstrong>, use \u003Cstrong>prebuilt blueprints\u003C\u002Fstrong>, manage updates in bulk, monitor uptime, and control everything from one centralized dashboard.\u003C\u002Fp>\n\u003Cp>Whether you manage 1 site or 100+, SiteSkite simplifies WordPress maintenance and scales with your workflow.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Important:\u003C\u002Fstrong> SiteSkite only manages your website after you connect it using a secure API key.\u003Cbr \u002F>\nAll plugin installation, activation, and maintenance actions must be initiated from your SiteSkite account — ensuring full control and secure access.\u003C\u002Fp>\n\u003Ch3>💡 What SiteSkite Helps You Do\u003C\u002Fh3>\n\u003Cp>✔️ Manage multiple WordPress sites from one dashboard\u003Cbr \u002F>\n✔️ Automate backups & restore anytime\u003Cbr \u002F>\n✔️ Snapshot backup & incremental backup support\u003Cbr \u002F>\n✔️ Create blueprints for rapid deployment\u003Cbr \u002F>\n✔️ Launch sandbox site\u003Cbr \u002F>\n✔️ Spin new sites from existing backups (On SiteSkite servers)\u003Cbr \u002F>\n✔️ Store backups in your own cloud (BYO cloud)\u003Cbr \u002F>\n✔️ Vulerabilities detection guard\u003Cbr \u002F>\n✔️ Monitor uptime & site health across all sites\u003Cbr \u002F>\n✔️ Bulk update, activate, deactivate, and delete plugins\u002Fthemes\u003Cbr \u002F>\n✔️ Roll back plugin\u002Ftheme versions safely\u003Cbr \u002F>\n✔️ Add team members & organize sites into workspaces\u003Cbr \u002F>\n✔️ WP Canvas (Maintenance mode, Debug, Search & Replace, Indexing control, WP Reset & more)\u003Cbr \u002F>\n✔️ Manage WP Admin Users & Roles\u003Cbr \u002F>\n✔️ Track Core Web Vitals performance\u003Cbr \u002F>\n✔️ Install curated plugin presets with WP Essentials\u003Cbr \u002F>\n✔️ White-label the plugin for agency clients\u003Cbr \u002F>\n✔️ Automated Reports for your customers\u003Cbr \u002F>\n✔️ Preety logs view for Error, Debug and Custom logs\u003Cbr \u002F>\n✔️ White Lable plugin for your agency & customers\u003Cbr \u002F>\n✔️ and much more…\u003C\u002Fp>\n\u003Cp>Built to simplify workflows and scale your WordPress operations without stress.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fauth-platform.siteskite.com\u002Fregister\" rel=\"nofollow ugc\">Get started\u003C\u002Fa>\u003C\u002Fstrong> in minutes.\u003C\u002Fp>\n\u003Ch3>🚀 Key Features\u003C\u002Fh3>\n\u003Ch4>🔄 Backups & Restore\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>On-demand, daily, or weekly backups  \u003C\u002Fli>\n\u003Cli>Full, database-only, or file-only backups  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Incremental backups\u003C\u002Fstrong> (resource-efficient)  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Classic snapshot backups\u003C\u002Fstrong> (full archive)  \u003C\u002Fli>\n\u003Cli>Restore with a click  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>☁ BYO Cloud Storage\u003C\u002Fh4>\n\u003Cp>Use your own cloud storage, including:\u003Cbr \u002F>\n– Google Drive\u003Cbr \u002F>\n– Dropbox\u003Cbr \u002F>\n– AWS S3\u003Cbr \u002F>\n– BackBlaze B2\u003Cbr \u002F>\n– pCloud\u003C\u002Fp>\n\u003Ch4>⚙️ Bulk WordPress Actions\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Update plugins, themes, and core  \u003C\u002Fli>\n\u003Cli>Activate\u002FDeactivate\u002FDelete plugins & themes  \u003C\u002Fli>\n\u003Cli>Rollback plugin & theme versions  \u003C\u002Fli>\n\u003Cli>Install bulk plugins from presets  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>🧰 WP Canvas Tools\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Maintenance Mode  \u003C\u002Fli>\n\u003Cli>WP Debug  \u003C\u002Fli>\n\u003Cli>Search & Replace  \u003C\u002Fli>\n\u003Cli>Permalink settings  \u003C\u002Fli>\n\u003Cli>WP Reset  \u003C\u002Fli>\n\u003Cli>Site Indexing toggle  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>📊 Performance & Monitoring\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Uptime monitoring  \u003C\u002Fli>\n\u003Cli>BirdEye status overview  \u003C\u002Fli>\n\u003Cli>Core Web Vitals metrics  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>👥 Collaboration & Scaling\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Workspaces to group sites & clients  \u003C\u002Fli>\n\u003Cli>Add users, team members, and clients  \u003C\u002Fli>\n\u003Cli>White-label plugin branding  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>🛍 Marketplace Access\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Browse tools, presets, and digital assets  \u003C\u002Fli>\n\u003Cli>Wishlist & follow sellers  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🔗 Learn More\u003C\u002Fh3>\n\u003Cp>🌐 Website: https:\u002F\u002Fwww.siteskite.com\u003Cbr \u002F>\n📘 Documentation: https:\u002F\u002Fknowledgebase.siteskite.com\u003C\u002Fp>\n\u003Ch3>🧭 Who is SiteSkite for?\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>WordPress website owners  \u003C\u002Fli>\n\u003Cli>Agencies managing client sites  \u003C\u002Fli>\n\u003Cli>Freelancers & developers  \u003C\u002Fli>\n\u003Cli>Hosting providers offering WP upkeep  \u003C\u002Fli>\n\u003Cli>Anyone who wants peace of mind & automation  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>External services\u003C\u002Fh3>\n\u003Cp>This plugin connects to external services to perform backups, restores, and operational callbacks. Below is a list of services, what they are used for, what data is sent, and relevant policies.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>Dropbox\u003C\u002Fp>\n\u003Cul>\n\u003Cli>What it’s used for: Uploading and downloading backup archives to the site owner’s Dropbox.\u003C\u002Fli>\n\u003Cli>What data is sent and when: Backup file contents and related metadata (e.g., file name and size) during backup and restore operations initiated by the administrator.\u003C\u002Fli>\n\u003Cli>Endpoints: \u003Ccode>https:\u002F\u002Fcontent.dropboxapi.com\u003C\u002Fcode>, \u003Ccode>https:\u002F\u002Fapi.dropboxapi.com\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Policies: Terms https:\u002F\u002Fwww.dropbox.com\u002Fterms · Privacy https:\u002F\u002Fwww.dropbox.com\u002Fprivacy\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Google Drive\u003C\u002Fp>\n\u003Cul>\n\u003Cli>What it’s used for: Uploading and downloading backup archives to the site owner’s Google Drive.\u003C\u002Fli>\n\u003Cli>What data is sent and when: Backup file contents and related metadata during backup and restore operations initiated by the administrator.\u003C\u002Fli>\n\u003Cli>Endpoints: \u003Ccode>https:\u002F\u002Fwww.googleapis.com\u002Fdrive\u002Fv3\u002Ffiles\u003C\u002Fcode> and related upload endpoints such as \u003Ccode>https:\u002F\u002Fwww.googleapis.com\u002Fupload\u002Fdrive\u002Fv3\u002Ffiles\u003C\u002Fcode> (resumable\u002Fmultipart uploads).\u003C\u002Fli>\n\u003Cli>Policies: Terms https:\u002F\u002Fpolicies.google.com\u002Fterms · Privacy https:\u002F\u002Fpolicies.google.com\u002Fprivacy\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Amazon S3\u003C\u002Fp>\n\u003Cul>\n\u003Cli>What it’s used for: Uploading and downloading backup archives to the site owner’s Amazon S3 bucket.\u003C\u002Fli>\n\u003Cli>What data is sent and when: Backup file contents and related metadata during backup and restore operations initiated by the administrator.\u003C\u002Fli>\n\u003Cli>Endpoints: Region-specific S3 REST API (e.g., \u003Ccode>https:\u002F\u002Fs3.\u003Cregion>.amazonaws.com\u003C\u002Fcode>).\u003C\u002Fli>\n\u003Cli>Policies: Service Terms https:\u002F\u002Faws.amazon.com\u002Fservice-terms\u002F · Privacy https:\u002F\u002Faws.amazon.com\u002Fprivacy\u002F\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Backblaze B2\u003C\u002Fp>\n\u003Cul>\n\u003Cli>What it’s used for: Uploading and downloading backup archives to the site owner’s Backblaze B2 bucket.\u003C\u002Fli>\n\u003Cli>What data is sent and when: Backup file contents and related metadata during backup and restore operations initiated by the administrator.\u003C\u002Fli>\n\u003Cli>Endpoints: Backblaze B2 API (e.g., \u003Ccode>https:\u002F\u002Fapi.backblazeb2.com\u003C\u002Fcode>).\u003C\u002Fli>\n\u003Cli>Policies: Terms https:\u002F\u002Fwww.backblaze.com\u002Fcompany\u002Flegal\u002Fterms.html · Privacy https:\u002F\u002Fwww.backblaze.com\u002Fcompany\u002Fprivacy.html\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>pCloud\u003C\u002Fp>\n\u003Cul>\n\u003Cli>What it’s used for: Uploading and downloading backup archives to the site owner’s pCloud storage.\u003C\u002Fli>\n\u003Cli>What data is sent and when: Backup file contents and related metadata during backup and restore operations initiated by the administrator.\u003C\u002Fli>\n\u003Cli>Endpoints: pCloud API (e.g., \u003Ccode>https:\u002F\u002Fapi.pcloud.com\u003C\u002Fcode>) and regional variants such as \u003Ccode>https:\u002F\u002Feapi.pcloud.com\u003C\u002Fcode> (EU) and \u003Ccode>https:\u002F\u002Fasiaapi.pcloud.com\u003C\u002Fcode> (Asia). OAuth token exchange: \u003Ccode>https:\u002F\u002Fmy.pcloud.com\u002Foauth2_token\u003C\u002Fcode>.\u003C\u002Fli>\n\u003Cli>Policies: Terms https:\u002F\u002Fwww.pcloud.com\u002Fterms.html · Privacy https:\u002F\u002Fwww.pcloud.com\u002Fprivacy-policy.html\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>SiteSkite endpoints (operational callbacks and validation)\u003C\u002Fp>\n\u003Cul>\n\u003Cli>What it’s used for: Validating the plugin API key, linking a site, downloading managed assets, and sending operational status callbacks to SiteSkite services. Some staging endpoints may be used for validation or asset download during testing.\u003C\u002Fli>\n\u003Cli>What data is sent and when: Site identifier and operation status metadata (e.g., backup\u002Frestore status) during validation and callbacks. For asset downloads, only the requested asset path is transmitted. Backup contents are never sent to SiteSkite; only selected metadata required to coordinate operations.\u003C\u002Fli>\n\u003Cli>Policies: Terms https:\u002F\u002Fwww.siteskite.com\u002Fterms-of-service · Privacy https:\u002F\u002Fwww.siteskite.com\u002Fprivacy-policy\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>WordPress.org (downloads)\u003C\u002Fp>\n\u003Cul>\n\u003Cli>What it’s used for: Downloading official WordPress core translation files when requested by an administrator.\u003C\u002Fli>\n\u003Cli>What data is sent and when: The request URL includes the WordPress core version and language code to retrieve the matching translation archive; no personal data is sent.\u003C\u002Fli>\n\u003Cli>Endpoints: \u003Ccode>https:\u002F\u002Fdownloads.wordpress.org\u002Ftranslation\u002Fcore\u002F\u003Cversion>\u002F\u003Clocale>.zip\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Policies: Terms https:\u002F\u002Fwordpress.org\u002Fabout\u002Fprivacy\u002F · Privacy https:\u002F\u002Fwordpress.org\u002Fabout\u002Fprivacy\u002F\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Notes:\u003Cbr \u002F>\n– Data is transmitted only when you initiate an action that requires it (e.g., starting a backup\u002Frestore, validating your API key, or downloading translations).\u003Cbr \u002F>\n– You choose and configure the cloud storage provider(s) to be used.\u003C\u002Fp>\n","Manage, backup, monitor, and restore WordPress sites from one dashboard. Create sandbox sites, use blueprints, and automate updates.",10,1697,"2026-03-06T12:13:00.000Z","6.9.4","5.3",[20,150,99,151,22],"bulk-management","reports","https:\u002F\u002Fsiteskite.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsiteskite.1.2.11.zip",{"slug":155,"name":156,"version":157,"author":158,"author_profile":159,"description":160,"short_description":161,"active_installs":144,"downloaded":162,"rating":104,"num_ratings":104,"last_updated":163,"tested_up_to":164,"requires_at_least":165,"requires_php":101,"tags":166,"homepage":168,"download_link":169,"security_score":124,"vuln_count":104,"unpatched_count":104,"last_vuln_date":37,"fetched_at":30},"wpbackupessentials","WPBackupEssentials","16.6.4","risharde","https:\u002F\u002Fprofiles.wordpress.org\u002Frisharde\u002F","\u003Cp>WPBackupEssentials allows you to easily back your entire WordPress website in a few simple clicks.\u003Cbr \u002F>\nYou can easily backup both your wordpress website files as well as database information since\u003Cbr \u002F>\nWPBackupEssentials conveniently stores each of the above in separate archive files and also be\u003Cbr \u002F>\nable to do quick restores – saving you a lot of time if you’re a developer! You can\u003Cbr \u002F>\nuse these archive files with the WPBackupEssentials Migrate script to migrate your entire\u003Cbr \u002F>\nWordpress website to another server.\u003C\u002Fp>\n\u003Cp>You can obtain the \u003Ca href=\"http:\u002F\u002Fwww.dovetechnologies.net\u002Fwpbackupessentials.html\" rel=\"nofollow ugc\">full edition here\u003C\u002Fa>\u003Cbr \u002F>\nYou’ll get even more features like automatic backups, cron scheduling, remote backups and more!\u003C\u002Fp>\n\u003Ch4>Free Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Live one-click backups\u003C\u002Fli>\n\u003Cli>Quick restore database and files features added!\u003C\u002Fli>\n\u003Cli>Built in support for local backups\u003C\u002Fli>\n\u003Cli>Easy file names to differentiate between wordpress files archive or wordpress database archive\u003C\u002Fli>\n\u003Cli>Archives include .htaccess and other “hidden” files\u003C\u002Fli>\n\u003Cli>Backup process does not include backups directory since this would be redundant and also helps you save on storage as well\u003C\u002Fli>\n\u003Cli>Diagnostics let’s you know if any server functions are missing for successful backups\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003C\u002Fp>\n\u003Ch4>Full Edition Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>One license supports up to 10 wordpress installations simultaneously, 1 year of product updates and 24\u002F7 support via License Manager\u003C\u002Fli>\n\u003Cli>Free 1 GB FTP account to start backing up your files and database!\u003C\u002Fli>\n\u003Cli>Quick restore database and files features added!\u003C\u002Fli>\n\u003Cli>Built in support for local, ftp and sftp backups plus unlimited backup locations of these types\u003C\u002Fli>\n\u003Cli>Auto delete local backups when they are transferred to off-site locations via FTP or SFTP\u003C\u002Fli>\n\u003Cli>Email notifications when a backup completes\u003C\u002Fli>\n\u003Cli>Unlimited schedule jobs – backup hourly, daily or weekly using cron jobs\u003C\u002Fli>\n\u003Cli>Live one-click backup or cron alternative (the choice is yours)\u003C\u002Fli>\n\u003Cli>Select whether you want to back up database or files or both!\u003C\u002Fli>\n\u003Cli>Customize your backups by excluding unnecessary database tables\u003C\u002Fli>\n\u003Cli>Customize your backups by excluding folders from the wpfiles backup archive\u003C\u002Fli>\n\u003Cli>Easy file names to differentiate between wordpress files archive or wordpress database archive\u003C\u002Fli>\n\u003Cli>Archives include .htaccess and other “hidden” files\u003C\u002Fli>\n\u003Cli>Backup process does not include backups directory since this would be redundant and also helps you save on storage as well\u003C\u002Fli>\n\u003Cli>Diagnostics let’s you know if any server functions are missing for successful backups\u003C\u002Fli>\n\u003Cli>Easy Migration script to transfer your WordPress site to another server or directory!\u003C\u002Fli>\n\u003Cli>All of this for a fraction of what our competitors cost!\u003C\u002Fli>\n\u003Cli>and more!\u003C\u002Fli>\n\u003C\u002Ful>\n","WPBackupEssentials is the best plugin to easily backup and quick restore your entire Wordpress website in a few simple clicks!",1449,"2016-06-04T21:58:00.000Z","4.5.33","3.6",[19,20,22,167],"utilities","http:\u002F\u002Fwww.dovetechnologies.net\u002Fwpbackupessentials.html","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwpbackupessentials.zip",{"attackSurface":171,"codeSignals":242,"taintFlows":273,"riskAssessment":314,"analyzedAt":328},{"hooks":172,"ajaxHandlers":207,"restRoutes":233,"shortcodes":234,"cronEvents":235,"entryPointCount":241,"unprotectedCount":104},[173,179,183,188,192,196,199,204],{"type":174,"name":175,"callback":176,"file":177,"line":178},"action","babo_clear_backups","babo_remove_all_backups","admin\\admin.php",22,{"type":174,"name":180,"callback":181,"file":177,"line":182},"admin_notices","babo_rateus",26,{"type":174,"name":184,"callback":185,"file":186,"line":187},"babo_show_reviewrequest","babo_set_review_flag","admin\\ajax_handlers.php",27,{"type":174,"name":189,"callback":190,"file":191,"line":79},"plugins_loaded","babo_load_plugin_textdomain","admin\\enqueues.php",{"type":174,"name":193,"callback":194,"file":191,"line":195},"admin_enqueue_scripts","babo_enqueue_styles",18,{"type":174,"name":193,"callback":197,"file":191,"line":198},"babo_enqueue_scripts",19,{"type":174,"name":200,"callback":201,"file":202,"line":203},"admin_menu","babo_admin_menu_page","admin\\pages.php",14,{"type":174,"name":205,"callback":206,"file":202,"line":79},"admin_init","babo_download_last_backup",[208,213,216,219,223,226,230],{"action":209,"nopriv":210,"callback":211,"hasNonce":212,"hasCapCheck":212,"file":186,"line":195},"babo_calculate_backup",false,"calculate_backup",true,{"action":214,"nopriv":210,"callback":215,"hasNonce":212,"hasCapCheck":212,"file":186,"line":198},"babo_initiate_backup","initiate_backup",{"action":217,"nopriv":210,"callback":218,"hasNonce":212,"hasCapCheck":212,"file":186,"line":74},"babo_refresh_log","log_fetcher",{"action":220,"nopriv":210,"callback":221,"hasNonce":212,"hasCapCheck":212,"file":186,"line":222},"babo_stop_backup","stop_the_backup",21,{"action":224,"nopriv":210,"callback":225,"hasNonce":210,"hasCapCheck":212,"file":186,"line":178},"babo_backup_success","backup_successful",{"action":227,"nopriv":210,"callback":228,"hasNonce":212,"hasCapCheck":212,"file":186,"line":229},"babo_process_backup","process_backup_batch",24,{"action":231,"nopriv":210,"callback":232,"hasNonce":212,"hasCapCheck":212,"file":186,"line":182},"babo_review_notice","babo_review_disable",[],[],[236,238],{"hook":184,"callback":184,"file":186,"line":237},184,{"hook":175,"callback":175,"file":239,"line":240},"inc\\babo_job_starter.php",117,7,{"dangerousFunctions":243,"sqlUsage":244,"outputEscaping":246,"fileOperations":195,"externalRequests":104,"nonceChecks":266,"capabilityChecks":267,"bundledLibraries":268},[],{"prepared":104,"raw":104,"locations":245},[],{"escaped":247,"rawEcho":46,"locations":248},37,[249,251,253,255,258,260,262,263,264],{"file":177,"line":93,"context":250},"raw output",{"file":186,"line":252,"context":250},55,{"file":186,"line":254,"context":250},95,{"file":256,"line":257,"context":250},"inc\\babo_backup.php",222,{"file":256,"line":259,"context":250},262,{"file":256,"line":261,"context":250},277,{"file":239,"line":198,"context":250},{"file":239,"line":229,"context":250},{"file":239,"line":265,"context":250},120,6,8,[269],{"name":270,"version":271,"knownCves":272},"Freemius","1.0",[],[274,291,301],{"entryPoint":275,"graph":276,"unsanitizedCount":104,"severity":39},"process_backup_batch (admin\\ajax_handlers.php:99)",{"nodes":277,"edges":289},[278,283],{"id":279,"type":280,"label":281,"file":186,"line":282},"n0","source","$_POST",103,{"id":284,"type":285,"label":286,"file":186,"line":287,"wp_function":288},"n1","sink","update_option() [Settings Manipulation]",137,"update_option",[290],{"from":279,"to":284,"sanitized":212},{"entryPoint":292,"graph":293,"unsanitizedCount":104,"severity":39},"backup_successful (admin\\ajax_handlers.php:160)",{"nodes":294,"edges":299},[295,298],{"id":279,"type":280,"label":296,"file":186,"line":297},"$_POST['fname']",169,{"id":284,"type":285,"label":286,"file":186,"line":297,"wp_function":288},[300],{"from":279,"to":284,"sanitized":212},{"entryPoint":302,"graph":303,"unsanitizedCount":104,"severity":39},"\u003Cajax_handlers> (admin\\ajax_handlers.php:0)",{"nodes":304,"edges":311},[305,306,307,309],{"id":279,"type":280,"label":281,"file":186,"line":282},{"id":284,"type":285,"label":286,"file":186,"line":287,"wp_function":288},{"id":308,"type":280,"label":296,"file":186,"line":297},"n2",{"id":310,"type":285,"label":286,"file":186,"line":297,"wp_function":288},"n3",[312,313],{"from":279,"to":284,"sanitized":212},{"from":308,"to":310,"sanitized":212},{"summary":315,"deductions":316},"The backup-bolt plugin v1.5.0 presents a mixed security profile. On one hand, the static analysis shows strong adherence to secure coding practices, with all AJAX handlers and REST API routes appearing to have authentication checks. The complete absence of dangerous functions, raw SQL queries, and unsanitized path taint flows is commendable. Furthermore, a high percentage of output escaping (80%) and the presence of nonce and capability checks are positive indicators. However, the plugin is not without significant concerns.\n\nThe vulnerability history is a major red flag. With three known CVEs, one of which remains unpatched, the plugin has a history of security weaknesses. The types of past vulnerabilities (External Control of File Name or Path, CSRF, Exposure of Sensitive Information) are particularly concerning as they can lead to severe compromise. The fact that a vulnerability was discovered as recently as October 2nd, 2025, and remains unpatched, significantly elevates the risk. While the current static analysis doesn't reveal immediate exploitable flaws in this specific version's code, the historical pattern suggests a recurring struggle with robust security implementation.\n\nIn conclusion, while version 1.5.0 of backup-bolt exhibits some good security practices in its code structure, the presence of an unpatched CVE and a history of serious vulnerability types means the overall risk is moderate to high. Users should be aware of the past issues and the ongoing unpatched vulnerability. The strength in code sanitization and authentication is overshadowed by the persistent security flaws indicated by its CVE history.",[317,319,321,323,325],{"reason":318,"points":74},"Unpatched vulnerability exists",{"reason":320,"points":144},"Medium severity vulnerabilities in history",{"reason":322,"points":27},"Low severity vulnerabilities in history",{"reason":324,"points":27},"Bundled outdated library (Freemius v1.0)",{"reason":326,"points":327},"Output escaping below ideal threshold (80%)",5,"2026-03-16T19:13:37.616Z",{"wat":330,"direct":347},{"assetPaths":331,"generatorPatterns":338,"scriptPaths":339,"versionParams":340},[332,333,334,335,336,337],"\u002Fwp-content\u002Fplugins\u002Fbackup-bolt\u002Fcss\u002Fmain.min.css","\u002Fwp-content\u002Fplugins\u002Fbackup-bolt\u002Fcss\u002Fsweetalert2.min.css","\u002Fwp-content\u002Fplugins\u002Fbackup-bolt\u002Fjs\u002Fmain.js","\u002Fwp-content\u002Fplugins\u002Fbackup-bolt\u002Fjs\u002Fpopper.min.js","\u002Fwp-content\u002Fplugins\u002Fbackup-bolt\u002Fjs\u002Fsweetalert2.all.min.js","\u002Fwp-content\u002Fplugins\u002Fbackup-bolt\u002Fjs\u002Ftippy-bundle.iife.min.js",[],[336,335,337,334],[341,342,343,344,345,346],"backup-bolt\u002Fcss\u002Fmain.min.css?ver=","backup-bolt\u002Fcss\u002Fsweetalert2.min.css?ver=","backup-bolt\u002Fjs\u002Fsweetalert2.all.min.js?ver=","backup-bolt\u002Fjs\u002Fpopper.min.js?ver=","backup-bolt\u002Fjs\u002Ftippy-bundle.iife.min.js?ver=","backup-bolt\u002Fjs\u002Fmain.js?ver=",{"cssClasses":348,"htmlComments":350,"htmlAttributes":351,"restEndpoints":352,"jsGlobals":353,"shortcodeOutput":355},[349],"tippy-box",[],[],[],[354],"bb_fs",[]]