[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fAJ2AQGeg1hKLzp6swYnmUSRCWTOP7yOMP_S71rE3A0o":3},{"id":4,"url_slug":5,"title":6,"description":7,"plugin_slug":8,"theme_slug":9,"affected_versions":10,"patched_in_version":11,"severity":12,"cvss_score":13,"cvss_vector":14,"vuln_type":15,"published_date":16,"updated_date":17,"references":18,"days_to_patch":20},"CVE-2024-13907","total-upkeep-wordpress-backup-plugin-plus-restore-migrate-by-boldgrid-authenticated-administrator-server-side-request-fo","Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid \u003C= 1.16.8 - Authenticated (Administrator+) Server-Side Request Forgery","The Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.16.8 via the 'download' function. This makes it possible for authenticated attackers, with Administrator-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.","boldgrid-backup",null,"\u003C=1.16.8","1.16.9","medium",4.9,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:H\u002FUI:N\u002FS:U\u002FC:H\u002FI:N\u002FA:N","Server-Side Request Forgery (SSRF)","2025-02-26 00:00:00","2025-02-27 06:48:39",[19],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F21da92d2-c38d-4a12-b850-bd0b580aaa54?source=api-prod",1]