Back to overview

CVE-2026-8996

MEDIUM
6.5
CVSS 3.1
Description
The Backup and Staging by WP Time Capsule plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.22.26 via the download_recent_decrypted_file_wptc. This makes it possible for authenticated attackers, with subscriber-level access and above, to extract download the most recently admin-decrypted SQL database backup, which typically contains password hashes, user credentials, and other sensitive site configuration data stored in the 'recent_decrypted_file' option. Exploitation requires that an administrator has previously performed a decrypt action, causing the decrypted SQL backup file to exist in the plugin's upload directory; without this prior admin action, there is no file to serve.

Metadata

CVE ID
CVE-2026-8996
State
PUBLISHED
Assigner
Wordfence
Reserved
2026-05-19 13:31 UTC
Published
2026-07-09 06:52 UTC
Last updated
2026-07-09 06:52 UTC
Primary CWE
CWE-862
CWE-862 Missing Authorization
Vendor / Product
revmakx / Backup and Staging by WP Time Capsule
Sources
cve.org  ·  NVD

Severity & Metrics

6.5 MEDIUM CVSS 3.1
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Affected products (1)
VendorProductPlatformVersions
revmakx Backup and Staging by WP Time Capsule 0 ≤ 1.22.26
Weakness (CWE)
CWESourceDescription
CWE-862 cna CWE-862 Missing Authorization
CVSS scores (1)
ScoreSeverityVersionSourceVector
6.5 MEDIUM 3.1 cna CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Back to overview