Cybersecurity Vulnerabilities

CVE-2025-10304: Critical Backup Disruption Vulnerability in Everest Backup WordPress Plugin

Overview

CVE-2025-10304 is a medium severity vulnerability affecting the Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin for WordPress. This vulnerability allows unauthenticated attackers to delete backup progress files, potentially causing backups to fail while they are in progress. This affects all versions up to and including 2.3.8.

Technical Details

The vulnerability stems from a missing capability check on the process_status_unlink() function within the plugin. Because nothing verifies who is calling, any visitor, including one who is not logged in, can trigger the function. By sending a crafted request to the server, an unauthenticated attacker can initiate the deletion of backup progress files, and since the plugin never validates the caller's permissions before deleting them, a malicious actor can disrupt a backup that is in progress.
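To make the missing check concrete, here is an added example that is not the plugin's own code: a hypothetical WordPress AJAX handler that deletes a backup progress file, shown first with the flaw class described above and then hardened with a capability check and a nonce check. The hook names, nonce action, function names and file path are all assumptions made for this illustration.

```php
<?php
/**
 * Illustrative pattern only, not Everest Backup's real code. The hook
 * names, nonce action and file path below are assumptions for this example.
 */

// BEFORE (the class of bug described above): the handler is registered for
// logged-out visitors via wp_ajax_nopriv_ and never checks who is calling
// before unlinking the progress file.
add_action( 'wp_ajax_nopriv_example_process_status_unlink', 'example_unlink_insecure' );
add_action( 'wp_ajax_example_process_status_unlink', 'example_unlink_insecure' );
function example_unlink_insecure() {
    $file = example_progress_file_path();
    if ( file_exists( $file ) ) {
        unlink( $file ); // no permission check: any visitor can reach this
    }
    wp_send_json_success();
}

// AFTER: no wp_ajax_nopriv_ registration, so logged-out users never reach it;
// a capability check restricts it to administrators; a nonce check ties the
// request to a page the administrator actually loaded.
add_action( 'wp_ajax_example_process_status_unlink', 'example_unlink_secure' );
function example_unlink_secure() {
    // Rejects requests without a valid nonce (dies with HTTP 403).
    check_ajax_referer( 'example_backup_nonce', 'nonce' );

    // The capability check that the vulnerable pattern lacks.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( array( 'message' => 'Forbidden' ), 403 );
    }

    $file = example_progress_file_path();
    if ( file_exists( $file ) ) {
        unlink( $file );
    }
    wp_send_json_success();
}

function example_progress_file_path() {
    // Fixed location under the uploads directory; never built from request input.
    $upload = wp_upload_dir();
    return trailingslashit( $upload['basedir'] ) . 'example-backup/progress.json';
}
```

When auditing a plugin for this bug class, look for every wp_ajax_nopriv_ registration and confirm that the handler either needs no privilege at all or performs a capability check before any state-changing operation.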

CVSS Analysis

CVE-2025-10304 carries a CVSS base score of 5.3 (MEDIUM), derived from the following metrics:

  • Attack Vector (AV): Network (N) – The vulnerability can be exploited over a network.
  • Attack Complexity (AC): Low (L) – Exploitation is relatively easy.
  • Privileges Required (PR): None (N) – No privileges are required to exploit the vulnerability.
  • User Interaction (UI): None (N) – No user interaction is required.
  • Scope (S): Unchanged (U) – An exploited vulnerability can only affect resources managed by the same security authority.
  • Confidentiality Impact (C): None (N) – There is no impact to confidentiality.
  • Integrity Impact (I): Low (L) – There is a low impact to integrity. Data might be modified or deleted.
  • Availability Impact (A): Low (L) – There is a low impact to availability. Services might be disrupted.

Possible Impact

The primary impact of this vulnerability is the ability for unauthenticated attackers to disrupt backups. Successful exploitation can lead to:

  • Failed Backups: The deletion of progress files will cause the backup process to terminate prematurely, resulting in incomplete or no backups.
  • Data Loss: If backups are crucial for disaster recovery, a compromised backup strategy can increase the risk of significant data loss in the event of a server failure or security incident.
  • Denial of Service (DoS): Repeated disruption of backups can effectively prevent administrators from creating reliable backups.

Mitigation or Patch Steps

The recommended mitigation is to update the Everest Backup plugin to the latest version. The vulnerability has been patched in versions released after 2.3.8. To update, navigate to the Plugins section of your WordPress dashboard, locate the Everest Backup plugin, and click “Update Now.”

If updating is not immediately possible, consider temporarily disabling the plugin until the update can be applied. However, keep in mind that disabling the plugin will prevent you from creating new backups.
