Author: databasebackup

Alerts (0)

No open alerts.

Show 2 resolved alerts

Critical code_pattern WP Database Backup – Unlimited Database & Files Backup by Backup for WP Resolved · false_positive_documented_feature 2d ago

Slug	wp-database-backup
Pattern	`wpconfig_creds_string`
Kind	`builtin`
Version	`7.10`
Hit count	10
First hit	File `includes/admin/class-wpdbbkp-restore.php` Line 180 Snippet `preg_match("/'DB_NAME',\s'(.)?'/", $config_file, $matches);`
Explanation	plugin source contains a literal string `"DB_NAME"` / `"DB_USER"` / `"DB_PASSWORD"` / `"DB_HOST"` — the credential constants are referenced by name only when something is parsing wp-config.php to harvest the database password, which legitimate plugins essentially never do. Signature of the June 2024 credential-stuffing payload that walked the filesystem looking for wp-config files and exfiltrated DB creds. wp-config itself uses these as constants (no surrounding quotes); plugin code that quotes them is the malicious shape.

View raw JSON

{
    "slug": "wp-database-backup",
    "pattern": "wpconfig_creds_string",
    "kind": "builtin",
    "version": "7.10",
    "hit_count": 10,
    "first_hit": {
        "file": "includes/admin/class-wpdbbkp-restore.php",
        "line": 180,
        "snippet": "preg_match(\"/'DB_NAME',\\s*'(.*)?'/\", $config_file, $matches);"
    },
    "explanation": "plugin source contains a literal string `\"DB_NAME\"` / `\"DB_USER\"` / `\"DB_PASSWORD\"` / `\"DB_HOST\"` \u2014 the credential constants are referenced by name only when something is parsing wp-config.php to harvest the database password, which legitimate plugins essentially never do. Signature of the June 2024 credential-stuffing payload that walked the filesystem looking for wp-config files and exfiltrated DB creds. wp-config itself uses these as constants (no surrounding quotes); plugin code that quotes them is the malicious shape."
}

Critical code_scan_delta WP Database Backup – Unlimited Database & Files Backup by Backup for WP Resolved · false_positive_cdn_known_good 2d ago

Slug wp-database-backup

Previous version 7.10

Current version 7.10

New findings

Pattern	Kind	File	Line	Snippet	Confidence
`wpconfig_creds_string`	`builtin`	`includes/admin/class-wpdbbkp-restore.php`	180	`preg_match("/'DB_NAME',\s'(.)?'/", $config_file, $matches);`	`high`
`wpconfig_creds_string`	`builtin`	`includes/admin/class-wpdbbkp-restore.php`	193	`preg_match("/'DB_NAME',\s'(.)?'/", $config_file, $matches);`	`high`
`wpconfig_creds_string`	`builtin`	`includes/admin/class-wpdbbkp-restore.php`	196	`preg_match("/'DB_USER',\s'(.)?'/", $config_file, $matches);`	`high`
`wpconfig_creds_string`	`builtin`	`includes/admin/class-wpdbbkp-restore.php`	199	`preg_match("/'DB_PASSWORD',\s'(.)?'/", $config_file, $matches);`	`high`
`wpconfig_creds_string`	`builtin`	`includes/admin/class-wpdbbkp-restore.php`	202	`preg_match("/'DB_HOST',\s'(.)?'/", $config_file, $matches);`	`high`
`wpconfig_creds_string`	`builtin`	`includes/admin/class-wpdb-admin.php`	3,096	`preg_match( "/'DB_NAME',\s'(.)?'/", $config_file, $matches );`	`high`
`wpconfig_creds_string`	`builtin`	`includes/admin/class-wpdb-admin.php`	3,099	`preg_match( "/'DB_USER',\s'(.)?'/", $config_file, $matches );`	`high`
`wpconfig_creds_string`	`builtin`	`includes/admin/class-wpdb-admin.php`	3,102	`preg_match( "/'DB_PASSWORD',\s'(.)?'/", $config_file, $matches );`	`high`
`wpconfig_creds_string`	`builtin`	`includes/admin/class-wpdb-admin.php`	3,105	`preg_match( "/'DB_HOST',\s'(.)?'/", $config_file, $matches );`	`high`
`wpconfig_creds_string`	`builtin`	`includes/admin/class-wpdb-admin.php`	3,122	`preg_match( "/'DB_NAME',\s'(.)?'/", $config_file, $matches );`	`high`

New finding count 10

View raw JSON

{
    "slug": "wp-database-backup",
    "previous_version": "7.10",
    "current_version": "7.10",
    "new_findings": [
        {
            "pattern": "wpconfig_creds_string",
            "kind": "builtin",
            "file": "includes/admin/class-wpdbbkp-restore.php",
            "line": 180,
            "snippet": "preg_match(\"/'DB_NAME',\\s*'(.*)?'/\", $config_file, $matches);",
            "confidence": "high"
        },
        {
            "pattern": "wpconfig_creds_string",
            "kind": "builtin",
            "file": "includes/admin/class-wpdbbkp-restore.php",
            "line": 193,
            "snippet": "preg_match(\"/'DB_NAME',\\s*'(.*)?'/\", $config_file, $matches);",
            "confidence": "high"
        },
        {
            "pattern": "wpconfig_creds_string",
            "kind": "builtin",
            "file": "includes/admin/class-wpdbbkp-restore.php",
            "line": 196,
            "snippet": "preg_match(\"/'DB_USER',\\s*'(.*)?'/\", $config_file, $matches);",
            "confidence": "high"
        },
        {
            "pattern": "wpconfig_creds_string",
            "kind": "builtin",
            "file": "includes/admin/class-wpdbbkp-restore.php",
            "line": 199,
            "snippet": "preg_match(\"/'DB_PASSWORD',\\s*'(.*)?'/\", $config_file, $matches);",
            "confidence": "high"
        },
        {
            "pattern": "wpconfig_creds_string",
            "kind": "builtin",
            "file": "includes/admin/class-wpdbbkp-restore.php",
            "line": 202,
            "snippet": "preg_match(\"/'DB_HOST',\\s*'(.*)?'/\", $config_file, $matches);",
            "confidence": "high"
        },
        {
            "pattern": "wpconfig_creds_string",
            "kind": "builtin",
            "file": "includes/admin/class-wpdb-admin.php",
            "line": 3096,
            "snippet": "preg_match( \"/'DB_NAME',\\s*'(.*)?'/\", $config_file, $matches );",
            "confidence": "high"
        },
        {
            "pattern": "wpconfig_creds_string",
            "kind": "builtin",
            "file": "includes/admin/class-wpdb-admin.php",
            "line": 3099,
            "snippet": "preg_match( \"/'DB_USER',\\s*'(.*)?'/\", $config_file, $matches );",
            "confidence": "high"
        },
        {
            "pattern": "wpconfig_creds_string",
            "kind": "builtin",
            "file": "includes/admin/class-wpdb-admin.php",
            "line": 3102,
            "snippet": "preg_match( \"/'DB_PASSWORD',\\s*'(.*)?'/\", $config_file, $matches );",
            "confidence": "high"
        },
        {
            "pattern": "wpconfig_creds_string",
            "kind": "builtin",
            "file": "includes/admin/class-wpdb-admin.php",
            "line": 3105,
            "snippet": "preg_match( \"/'DB_HOST',\\s*'(.*)?'/\", $config_file, $matches );",
            "confidence": "high"
        },
        {
            "pattern": "wpconfig_creds_string",
            "kind": "builtin",
            "file": "includes/admin/class-wpdb-admin.php",
            "line": 3122,
            "snippet": "preg_match( \"/'DB_NAME',\\s*'(.*)?'/\", $config_file, $matches );",
            "confidence": "high"
        }
    ],
    "new_finding_count": 10
}

Plugins authored (1)

Plugin	Version	Installs	Last updated	Status
WP Database Backup – Unlimited Database & Files Backup by Backup for WP ·`wp-database-backup`	7.10	30k+	1mo ago	Active

SVN commit access (1)

Plugins this account has pushed commits to, reconstructed from plugins.svn.wordpress.org. A new name showing up here on an established plugin is the strongest ownership-transfer signal.

Plugin	Primary author	Installs	Commits	First	Latest	Status
WP Database Backup – Unlimited Database & Files Backup by Backup for WP	databasebackup	30k+	86	3y ago	1mo ago	Active

Contributor on other plugins (1)

Plugins where this account is listed in the readme contributors (distinct from SVN commit access).

Plugin	Primary author	Version	Installs
WP All Backup	walkeprashant	2.4.3	—

Backup For WP

Alerts (0)

Plugins authored (1)

SVN commit access (1)

Contributor on other plugins (1)