CVE-2026-3339

Summary

The Keep Backup Daily plugin for WordPress is vulnerable to Limited Path Traversal in all versions up to, and including, 2.1.1 via the kbd_open_upload_dir AJAX action. This is due to insufficient validation of the kbd_path parameter, which is only sanitized with sanitize_text_field() - a function that does not strip path traversal sequences. This makes it possible for authenticated attackers, with Administrator-level access and above, to list the contents of arbitrary directories on the server outside of the intended uploads directory.

Affected Software

VendorProductVersion RangeStatus
fahadmahmoodKeep Backup Daily0 <= 2.1.1affected

Weaknesses

  • CWE-22: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References