CVE Catalog

CVE-2026-42760

High
Published: Translated: NVD NIST

Summary

An authentication bypass vulnerability in the Backup and Staging by WP Time Capsule plugin allows for password recovery exploitation. This issue affects versions from n/a through 1.22.25.

Risk Assessment

An attacker could gain access to the password recovery feature, potentially leading to unauthorized access to user data. This poses a significant security risk to the organization.

Recommendation

It is recommended to update the Backup and Staging by WP Time Capsule plugin to the latest version to mitigate this vulnerability.

Original NVD description (English source)

Authentication Bypass Using an Alternate Path or Channel vulnerability in revmakx Backup and Staging by WP Time Capsule wp-time-capsule allows Password Recovery Exploitation.This issue affects Backup and Staging by WP Time Capsule: from n/a through <= 1.22.25.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS