A zero-day vulnerability in the WordPress BackupBuddy plugin is being actively exploited by hackers.
BackupBuddy allows users to back up their entire WordPress installation from the dashboard, including theme files, pages, posts, widgets, users, and media files. This plugin is active.
According to cybersecurity firm Wordfence, the vulnerability (CVE-2022-31474, CVSS score 7.5) allows unauthenticated users to download arbitrary files, which may contain sensitive information, from a vulnerable website. It affects versions 8.5.8.0 through 8.7.4.1 and was patched in version 8.7.5, released on September 2, 2022.
The flaw stems from an insecure implementation of the plugin's "Local Directory Copy" function, which is designed to store a local copy of backups.
[Figure: top 10 attacking IP addresses and the number of attack attempts blocked from each]
Wordfence has withheld technical details because the vulnerability is under active exploitation and is trivial to exploit.
"This vulnerability could allow an attacker to view the contents of any file on the server that the WordPress installation can read, including WordPress' wp-config.php file and even sensitive files like /etc/passwd depending on your server setup," said the plugin's developer.
According to Wordfence, exploitation of CVE-2022-31474 began on August 26, 2022, and the firm has since blocked nearly five million attack attempts. Most of the attacks try to read the files below: