WP Clinic
Log in Sign up

PLUGIN SECURITY

Is Wpvivid Backuprestore safe?

Known vulnerabilities, PHP compatibility and safer alternatives for the Wpvivid Backuprestore WordPress plugin — checked against WP Clinic's local security database.

Plugin details

  • Slug: wpvivid-backuprestore
  • Requires PHP: 5.3+
  • Max supported PHP (analyzed): <8.0

Known vulnerabilities

  • WPvivid — Backup, Migration &amp; Staging [wpvivid-backuprestore] < 0.9.71 [CVE-2021-24994, WordPress WPvivid Backup and Migration Plugin <= 0.9.68 - Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability, Migration, Backup, Staging – WPvivid <= 0.9.68 - Unauthenticated Stored Cross-Site Scripting, WPvivid Backup and Migration Plugin &lt; 0.9.69 - Unauthenticated Stored Cross-Site Scripting]
  • WPvivid — Backup, Migration &amp; Staging [wpvivid-backuprestore] < 0.9.70 [CVE-2022-0531, WordPress Migration, Backup, Staging – WPvivid plugin <= 0.9.69 - Reflected Cross-Site Scripting (XSS) vulnerability, Migration, Backup, Staging – WPvivid <= 0.9.69 - Reflected Cross-Site Scripting via sub_page Parameter, WPvivid Backup and Migration Plugin &lt; 0.9.70 - Reflected Cross-Site Scripting]
  • WPvivid — Backup, Migration &amp; Staging [wpvivid-backuprestore] < 0.9.71 [CVE-2022-27844, WordPress WPvivid plugin <= 0.9.70 - Arbitrary File Read vulnerability, Migration, Backup, Staging – WPvivid <= 0.9.70 - Authenticated Arbitrary File Read, WPvivid Backup and Migration Plugin &lt; 0.9.71 - Admin+ Arbitrary File Download]
  • WPvivid — Backup, Migration &amp; Staging [wpvivid-backuprestore] < 0.9.53 [WordPress WPvivid Backup and Migration plugin <= 0.9.52 - SQL Injection (SQLi) vulnerability]
  • WPvivid — Backup, Migration &amp; Staging [wpvivid-backuprestore] < 0.9.36 [WordPress WPvivid Backup and Migration plugin <= 0.9.35 - Missing Authorization vulnerability leading to Database Leak]
+ 33 more known vulnerabilities
  • WPvivid — Backup, Migration &amp; Staging [wpvivid-backuprestore] < 0.9.76 [CVE-2022-2442, WordPress WPvivid Backup Plugin <= 0.9.74 - Authenticated PHAR Deserialization vulnerability, Migration, Backup, Staging – WPvivid <= 0.9.74 - Authenticated (Admin+) PHAR Deserialization, WPvivid Backup &lt; 0.9.75 - Admin+ PHAR Deserialization]
  • WPvivid — Backup, Migration &amp; Staging [wpvivid-backuprestore] < 0.9.77 [WordPress WPvivid Backup plugin 0.9.76 - Authenticated Arbitrary File Deletion vulnerability]
  • WPvivid — Backup, Migration &amp; Staging [wpvivid-backuprestore] < 0.9.76 [CVE-2022-2863, Migration, Backup, Staging – WPvivid <= 0.9.75 - Authenticated (Administrator+) Path Traversal, WPvivid Backup &lt; 0.9.76 - Admin+ Arbitrary File Read]
  • WPvivid — Backup, Migration &amp; Staging [wpvivid-backuprestore] < 0.9.77 [WPvivid Backup 0.9.76 - Authenticated (Administrator+) Arbitrary File Deletion]
  • WPvivid — Backup, Migration &amp; Staging [wpvivid-backuprestore] < 0.9.76 [Migration, Backup, Staging – WPvivid <= 0.9.75 - Authenticated (Admin+) Directory Traversal]
  • WPvivid — Backup, Migration &amp; Staging [wpvivid-backuprestore] < 0.9.56 [Migration, Backup, Staging – WPvivid <= 0.9.55 - Reflected Cross-Site Scripting]
  • WPvivid — Backup, Migration &amp; Staging [wpvivid-backuprestore] < 0.9.36 [Migration, Backup, Staging – WPvivid <= 0.9.35 - Sensitive Information Disclosure]
  • WPvivid — Backup, Migration &amp; Staging [wpvivid-backuprestore] < 0.9.36 [Migration, Backup, Staging – WPvivid <= 0.9.35 - Authenticated (Subscriber+) Arbitrary File Upload]
  • WPvivid — Backup, Migration &amp; Staging [wpvivid-backuprestore] < 0.9.56 [WPvivid Backup &lt; 0.9.56 - Reflected Cross-Site Scripting]
  • WPvivid — Backup, Migration &amp; Staging [wpvivid-backuprestore] < 0.9.77 [WPvivid Backup 0.9.76 - Admin+ Arbitrary File Deletion]
  • WPvivid — Backup, Migration &amp; Staging [wpvivid-backuprestore] < 0.9.36 [WPvivid Backup &lt; 0.9.36 - Missing Authorization Leading To Database Leak]
  • WPvivid — Backup, Migration &amp; Staging [wpvivid-backuprestore] < 0.9.91 [WPvivid Backup Plugin <= 0.9.90 - Missing Authorization via 'start_staging' and 'get_staging_progress']
  • WPvivid — Backup, Migration &amp; Staging [wpvivid-backuprestore] < 0.9.91 [Migration, Backup, Staging &ndash; WPvivid &lt;= 0.9.90 - Authenticated(Administrator+) Stored Cross-Site Scripting]
  • WPvivid — Backup, Migration &amp; Staging [wpvivid-backuprestore] < 0.9.91 [CVE-2023-41243, WordPress WPvivid Backup and Migration Plugin <= 0.9.90 is vulnerable to Privilege Escalation, WPvivid Backup Plugin &lt; 0.9.91 - Missing Authorization via &#039;start_staging&#039; and &#039;get_staging_progress&#039;]
  • WPvivid — Backup, Migration &amp; Staging [wpvivid-backuprestore] < 0.9.91 [WordPress WPvivid Backup and Migration Plugin <= 0.9.90 is vulnerable to Cross Site Scripting (XSS)]
  • WPvivid — Backup, Migration &amp; Staging [wpvivid-backuprestore] < 0.9.90 [CVE-2023-5121, Migration, Backup, Staging – WPvivid <= 0.9.89 - Authenticated (Administrator+) Stored Cross-Site Scripting, WordPress WPvivid Backup and Migration Plugin <= 0.9.89 is vulnerable to Cross Site Scripting (XSS), Migration, Backup, Staging &ndash; WPvivid &lt; 0.9.90 - Admin+ Stored XSS]
  • WPvivid — Backup, Migration &amp; Staging [wpvivid-backuprestore] < 0.9.90 [CVE-2023-4274, Migration, Backup, Staging – WPvivid <= 0.9.89 - Authenticated (Administrator+) Arbitrary Directory Deletion via Path Traversal, WordPress WPvivid Backup and Migration Plugin <= 0.9.89 is vulnerable to Arbitrary File Deletion, Migration, Backup, Staging &ndash; WPvivid &lt; 0.9.90 - Admin+ Arbitrary Directory Deletion via Path Traversal]
  • WPvivid — Backup, Migration &amp; Staging [wpvivid-backuprestore] < 0.9.90 [CVE-2023-5120, Migration, Backup, Staging – WPvivid <= 0.9.89 - Authenticated Stored Cross-Site Scripting, Migration, Backup, Staging &ndash; WPvivid &lt; 0.9.90 - Admin+ Stored XSS]
  • WPvivid — Backup, Migration &amp; Staging [wpvivid-backuprestore] < 0.9.92 [CVE-2023-5576, Migration, Backup, Staging – WPvivid <= 0.9.91 - Google Drive Client Secret Exposure, WordPress WPvivid Backup and Migration Plugin <= 0.9.91 is vulnerable to Sensitive Data Exposure, Migration, Backup, Staging - WPvivid &lt; 0.9.91 - Unauthenticated Sensitive Information Exposure]
  • WPvivid — Backup, Migration &amp; Staging [wpvivid-backuprestore] < 0.9.95 [CVE-2023-4637, WPvivid <= 0.9.94 - Missing Authorization, WordPress WPvivid Backup and Migration Plugin <= 0.9.94 is vulnerable to Broken Access Control, WPvivid &lt; 0.9.95 - Missing Authorization]
  • WPvivid — Backup, Migration &amp; Staging [wpvivid-backuprestore] < 0.9.69 [CVE-2024-1982, WPvivid Backup and Migration <= 0.9.68 - Missing Authorization, WordPress WPvivid Backup and Migration Plugin <= 0.9.68 is vulnerable to Broken Access Control]
  • WPvivid — Backup, Migration &amp; Staging [wpvivid-backuprestore] < 0.9.69 [CVE-2024-1981, WPvivid Backup and Migration <= 0.9.68 - Unauthenticated SQL Injection, WordPress WPvivid Backup and Migration Plugin <= 0.9.68 is vulnerable to SQL Injection, WPvivid Backup and Migration &lt; 0.9.69 - Unauthenticated SQLi &amp; DoS]
  • WPvivid — Backup, Migration &amp; Staging [wpvivid-backuprestore] < 0.9.100 [CVE-2024-3054, WPvivid Backup & Migration Plugin <= 0.9.99 - Authenticated (Admin+) PHAR Deserialization, WordPress WPvivid Backup and Migration Plugin <= 0.9.99 is vulnerable to PHP Object Injection]
  • WPvivid — Backup, Migration &amp; Staging [wpvivid-backuprestore] < 0.9.106 [CVE-2024-7315, WordPress WPvivid Backup and Migration Plugin < 0.9.106 is vulnerable to Sensitive Data Exposure, Migration, Backup, Staging – WPvivid <= 0.9.105 - Sensitive Information Exposure]
  • WPvivid — Backup, Migration &amp; Staging [wpvivid-backuprestore] < 0.9.36 [CVE-2020-36835]
  • WPvivid — Backup, Migration &amp; Staging [wpvivid-backuprestore] < 0.9.36 [CVE-2020-36842]
  • WPvivid — Backup, Migration &amp; Staging [wpvivid-backuprestore] < 0.9.108 [CVE-2024-10962, Migration, Backup, Staging – WPvivid <= 0.9.107 - Unauthenticated PHP Object Injection, WordPress WPvivid Backup and Migration Plugin <= 0.9.107 is vulnerable to PHP Object Injection]
  • WPvivid — Backup, Migration &amp; Staging [wpvivid-backuprestore] < 0.9.107 [CVE-2024-56273, WordPress WPvivid Backup and Migration Plugin <= 0.9.106 is vulnerable to Broken Access Control, WPvivid Backup and Migration <= 0.9.106 - Missing Authorization, EUVD-2024-53070]
  • WPvivid — Backup, Migration &amp; Staging [wpvivid-backuprestore] < 0.9.113 [CVE-2024-13869, Migration, Backup, Staging – WPvivid <= 0.9.112 - Authenticated (Admin+) Arbitrary File Upload via wpvivid_upload_file, EUVD-2025-4422]
  • WPvivid — Backup, Migration &amp; Staging [wpvivid-backuprestore] < 0.9.117 [CVE-2025-5961, Migration, Backup, Staging – WPvivid Backup & Migration <= 0.9.116 - Authenticated (Administrator+) Arbitrary File Upload, EUVD-2025-19880]
  • WPvivid — Backup, Migration &amp; Staging [wpvivid-backuprestore] < 0.9.121 [CVE-2025-12654, Migration, Backup, Staging – WPvivid Backup & Migration <= 0.9.120 - Authenticated (Admin+) Arbitrary Directory Creation, EUVD-2025-204659]
  • WPvivid — Backup, Migration &amp; Staging [wpvivid-backuprestore] < 0.9.124 [CVE-2026-1357, Migration, Backup, Staging <= 0.9.123 - Unauthenticated Arbitrary File Upload]
  • WPvivid — Backup, Migration &amp; Staging [wpvivid-backuprestore] < 0.9.129 [CVE-2025-12656, Migration, Backup, Staging – WPvivid Backup & Migration <= 0.9.128 - Authenticated (Admin+) Arbitrary Directory Deletion, EUVD-2025-210080, Migration, Backup, Staging – WPvivid Backup &amp; Migration &lt;= 0.9.128 - Authenticated (Admin+) Arbitrary Directory Deletion]

Vulnerabilities are matched against the exact installed version when it's known. Always keep the plugin updated to the latest release.

Safer / more established alternatives

Check your own WordPress site

Run a free passive scan now, or create a free account and install the WP Clinic plugin for a deep scan of your whole hosting account and AI-assisted repair.