CVE-2026-4853 | backupguard JetBackup Plugin up to 3.1.19.8 on WordPress Invalid File sanitize_text_field fileName path traversal

A vulnerability was found in backupguard JetBackup Plugin up to 3.1.19.8 on WordPress. It has been declared as critical. Impacted is the function sanitize_text_field of the component Invalid File Handler. Executing a manipulation of the argument fileName can lead to path traversal.

This vulnerability is registered as CVE-2026-4853. It is possible to launch the attack remotely. No exploit is available.VulDB Recent EntriesRead More