Does myRepono WordPress Backup Plugin have any unpatched vulnerabilities?

No. All known vulnerabilities in myRepono WordPress Backup Plugin have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is myRepono WordPress Backup Plugin compatible with WordPress 4.6.30?

According to WordPress.org data, myRepono WordPress Backup Plugin 2.0.12 has been tested up to WordPress 4.6.30. Check the plugin's changelog for the latest compatibility information.

How often is myRepono WordPress Backup Plugin updated?

myRepono WordPress Backup Plugin was last updated on Aug 24, 2016. Frequent updates are generally a positive security signal.

What is myRepono WordPress Backup Plugin's security score?

myRepono WordPress Backup Plugin has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

myRepono WordPress Backup Plugin Security & Risk Analysis

wordpress.org/plugins/myrepono-wordpress-backup-plugin

Automate your WordPress, website & database backups using the myRepono remote website backup service.

100 active installs v2.0.12 PHP + WP 2.8+ Updated Aug 24, 2016

backupmysql-backupwebsite-backupwordpress-backupwp-backup

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is myRepono WordPress Backup Plugin Safe to Use in 2026?

Generally Safe

Score 85/100

myRepono WordPress Backup Plugin has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 9yr ago

Risk Assessment

The "myrepono-wordpress-backup-plugin" v2.0.12 exhibits significant security concerns primarily due to its unprotected AJAX endpoint and the presence of dangerous functions. The plugin lacks any authorization checks on its single AJAX handler, creating a substantial attack surface that could be exploited by unauthenticated users. Furthermore, the use of dangerous functions like `unserialize` and `exec`, combined with the complete absence of prepared statements for SQL queries and a lack of output escaping, points to a high risk of various code injection and data manipulation vulnerabilities. The total absence of nonce checks on the AJAX endpoint exacerbates these risks, making cross-site request forgery (CSRF) attacks highly feasible.

While the plugin has no recorded vulnerability history, this should not be interpreted as a sign of robust security. It is more likely that the plugin has not been thoroughly audited or that vulnerabilities have not yet been publicly disclosed. The strong indicators of potential vulnerabilities in the static analysis, particularly the unsanitized taint flows and critical severity, warrant immediate attention. The plugin’s overall security posture is weak, with critical design flaws that could lead to severe security breaches if exploited.

Key Concerns

Unprotected AJAX handler
Dangerous functions (unserialize, exec)
SQL queries without prepared statements
Output escaping not properly implemented
No nonce checks on AJAX
High severity unsanitized taint flows (2)

Vulnerabilities

None known

myRepono WordPress Backup Plugin Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

myRepono WordPress Backup Plugin Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

unserialize$values = unserialize($values);api\libcurlemu\class_HTTPRetriever.php:454

execexec($cmd,$output,$ret);api\libcurlemu\libcurlexternal.inc.php:502

unserializereturn @unserialize($response);myrepono_plugin_functions.php:1466

unserialize$option = unserialize(base64_decode($option));myrepono_plugin_functions.php:1722

SQL Query Safety

0% prepared3 total queries

Output Escaping

0% escaped16 total outputs

Data Flows

4 unsanitized

Data Flow Analysis

4 flows4 with unsanitized paths

myrepono_plugin_home_queue_ajax_func (myrepono_plugin_home.php:975)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

1 unprotected

myRepono WordPress Backup Plugin Attack Surface

Entry Points1

Unprotected1

AJAX Handlers 1

authwp_ajax_myrepono_plugin_home_queuemyrepono_plugin.php:56

WordPress Hooks 10

actioninitmyrepono_plugin.php:35

actionadmin_noticesmyrepono_plugin.php:48

actionadmin_menumyrepono_plugin.php:50

actionadmin_headmyrepono_plugin.php:52

actionadmin_enqueue_scriptsmyrepono_plugin.php:54

filtercontextual_helpmyrepono_plugin.php:60

filterset-screen-optionmyrepono_plugin.php:62

actionadmin_menumyrepono_plugin.php:66

actionadmin_noticesmyrepono_plugin.php:70

actionadmin_initmyrepono_plugin.php:72

Maintenance & Trust

myRepono WordPress Backup Plugin Maintenance & Trust

Maintenance Signals

WordPress version tested4.6.30

Last updatedAug 24, 2016

PHP min version

Downloads68K

Community Trust

Rating68/100

Number of ratings11

Active installs100

Alternatives

myRepono WordPress Backup Plugin Alternatives

Backup by VOGA Press

backup-by-vogapress

Simplest way to manage and monitor your backups with VOGAPress cloud service. FREE cloud backup service is available for personal WordPress site.

10 No CVEs

Site Backup

site-backup

Backup and restore your site in one click. Schedule automatic backup of your site. No worries anymore!!!

10 No CVEs

SEInc Backup

seinc-backup

A simple WordPress backup plugin for creating and managing backups of your WordPress site to custom folder path.

0 No CVEs

UpdraftPlus: WP Backup & Migration Plugin

updraftplus

Backup, restore or migrate your WordPress website to another host or domain. Schedule backups or run manually. Migrate in minutes.

3.0M 14 CVEs

Duplicator – Backups & Migration Plugin – Cloud Backups, Scheduled Backups, & More

duplicator

The best WordPress backup and migration plugin. Quickly and easily backup ,migrate, copy, move, or clone your site from one location to another.

1.0M 15 CVEs

Developer Profile

myRepono WordPress Backup Plugin Developer Profile

myRepono

1 plugin · 100 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect myRepono WordPress Backup Plugin

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/myrepono-wordpress-backup-plugin/myrepono.css/wp-content/plugins/myrepono-wordpress-backup-plugin/myrepono.js

Script Paths

/wp-content/plugins/myrepono-wordpress-backup-plugin/myrepono.js

Version Parameters

myrepono-wordpress-backup-plugin/myrepono.css?ver=myrepono-wordpress-backup-plugin/myrepono.js?ver=

HTML / DOM Fingerprints

CSS Classes

myrepono_status

HTML Comments

Copyright 2016 ionix Limited (email: support@myRepono.com)This program is free software; you can redistribute it and/or modifyit under the terms of the GNU General Public License, version 2, aspublished by the Free Software Foundation.+9 more

JS Globals

WP_MYREPONO_PLUGIN

FAQ