CVE-2025-68039
BaseFortify
Publication date: 2026-01-22
Last updated on: 2026-04-27
Assigner: Patchstack
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| patchstack | wp_backitup | to 2.0.0 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-862 | The product does not perform an authorization check when an actor attempts to access a resource or perform an action. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-68039 is a medium severity Broken Access Control vulnerability in the WordPress WP BackItUp plugin (versions up to 2.0.0). It occurs due to missing authorization, authentication, or nonce token checks in certain plugin functions, which allows unauthenticated users to perform actions that normally require higher privileges. [1]
How can this vulnerability impact me? :
This vulnerability can allow unauthenticated attackers to perform privileged actions on a WordPress site using the WP BackItUp plugin, potentially leading to unauthorized access or manipulation of backup functions. This could compromise the security and integrity of the website data. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection can involve monitoring for unauthorized access attempts to the WP BackItUp plugin endpoints, especially those that should require authentication but are accessible without it. Since the vulnerability allows unauthenticated users to perform privileged actions, checking web server logs for suspicious requests to WP BackItUp plugin URLs is recommended. Specific commands are not provided in the resources, but typical approaches include using web server log analysis tools or commands like 'grep' to search for access patterns related to the plugin. For example, you might run: grep 'wp-backitup' /var/log/apache2/access.log to identify suspicious access attempts. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include applying the mitigation rule provided by Patchstack to block attacks targeting this vulnerability until an official patch is released. Users are advised to implement this mitigation promptly to protect their websites. Additionally, restricting access to the WP BackItUp plugin endpoints through web application firewalls or server configuration can help reduce exposure. [1]