What is CVE-2021-47979?

CVE-2021-47979 is a high-severity vulnerability in Miniorange Backup And Restore, classified under Path Traversal. CVSS score: 8.8/10. Published 2026-05-16.

How severe is CVE-2021-47979?

High severity. CVSS v3 base score is 8.8 out of 10.

Path Traversal in Miniorange Backup And Restore

CVE-2021-47979

WordPress Plugin Backup and Restore 1.0.3 contains an arbitrary file deletion vulnerability that allows authenticated attackers to delete files by manipulating parameters in AJAX requests. Attackers can send POST requests to admin-ajax.php…

Vulnerability class: Path Traversal (Directory Traversal)

EPSS: 0.001 (17.4th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.8 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.

Affected products

Miniorange Backup And Restore — versions 1.0.3

Weakness classification (CWE)

CWE-22 — Path Traversal

References

disclosure@vulncheck.com (exploit)
disclosure@vulncheck.com (product)
disclosure@vulncheck.com (product)
disclosure@vulncheck.com (third-party-advisory)

Frequently asked questions

What is CVE-2021-47979?: CVE-2021-47979 is a high-severity vulnerability in Miniorange Backup And Restore, classified under Path Traversal. CVSS score: 8.8/10. Published 2026-05-16.
How severe is CVE-2021-47979?: High severity. CVSS v3 base score is 8.8 out of 10.