PLUGIN SECURITY
Is Backupwordpress safe?
Known vulnerabilities, PHP compatibility and safer alternatives for the Backupwordpress WordPress plugin — checked against WP Clinic's local security database.
Plugin details
- Slug:
backupwordpress - Max supported PHP (analyzed): 8.4
Known vulnerabilities
- BackUpWordPress [backupwordpress] < 0.4.3 (closed) [CVE-2007-5800, WordPress BackUpWordPress Plugin <= 0.4.2 - Remote File Inclusion, BackUpWordPress <= 0.4.2b - Remote File Inclusion]
- BackUpWordPress [backupwordpress] < 0.4.3 (closed) [BackUp <= 0.4.2b - RFI]
- BackUpWordPress [backupwordpress] < 3.13 (closed) [CVE-2022-4931, BackupWordPress <= 3.12 - Missing Authorization to Authenticated (Subscriber+) Information Disclosure, BackupWordPress 3.12 - Subscriber+ Backup Disclosure]
- BackUpWordPress [backupwordpress] < 3.14 (closed) [CVE-2024-3034, BackUpWordPress <= 3.13 - Authenticated (Admin+) Directory Traversal, WordPress BackUpWordPress Plugin <= 3.13 is vulnerable to Directory Traversal]
Vulnerabilities are matched against the exact installed version when it's known. Always keep the plugin updated to the latest release.
Safer / more established alternatives
- All-in-One WP Migration and Backup — 5000000+ active installs — max PHP <8.0
- UpdraftPlus: WP Backup & Migration Plugin — 3000000+ active installs — max PHP <8.0
- Jetpack – WP Security, Backup, Speed, & Growth — 3000000+ active installs
- Duplicator – Backups & Migration Plugin – Cloud Backups, Scheduled Backups, & More — 1000000+ active installs — max PHP <8.0
- ManageWP Worker — 1000000+ active installs — max PHP <8.0
Check your own WordPress site
Run a free passive scan now, or create a free account and install the WP Clinic plugin for a deep scan of your whole hosting account and AI-assisted repair.