Backup Buddy is a WordPress plugin that allows you to back up, migrate, and restore your WordPress site. A severe zero-day vulnerability in the Backup Buddy plugin has been revealed. The researchers detected millions of exploitation attempts for the flaw before it received a patch. Since the vulnerability has already caught the attention of criminal hackers, WordPress users must update their websites with the latest plugin version to receive the patch.

Backup Buddy Zero-Day Vulnerability

According to a recent post from Wordfence, they noticed active exploitation of a zero-day vulnerability in the Backup Buddy WordPress plugin.

Backup Buddy is a dedicated plugin for WordPress sites enabling users to manage site backups. The plugin also allows users to manage the backups in multiple cloud locations, such as AWS, Google Drive, etc., alongside supporting local backup storage.

The researchers noticed that this local download feature for backup files had an insecure implementation. Thus, an adversary could easily download any arbitrary file from the server. Describing the exact cause triggering the glitch, the researchers stated in their post, "More specifically the plugin registers an admin_init hook for the function intended to download local backup files and the function itself did not have any capability checks nor any nonce validation." Hence, an adversary could download any file from the backup by calling the function from any administrative page, even without authentication.

According to Wordfence, they could detect (and block) at least 49 million exploitation attempts on this vulnerability since August 2022. The attackers originated from multiple IP addresses, each waging several thousand attack attempts. Most of these attacks intended to obtain sensitive information by accessing the files /etc/passwd and /wp-config.php.

The researchers found the vulnerability affecting the plugin versions 8.5.8.0 to 8.7.4.1. Following the researchers' report, the vendors fixed the flaw with the release of the Backup Buddy plugin version 8.7.5. Given the flaw's active exploitation and the subsequent patch release, Wordfence urges users to update their sites with the latest plugin version.

Moreover, users should also check their websites for a possible compromise by looking for the local-download and local-destination-id parameter values in the requests in the access log. Presence of these parameters along with a full path to a file or the presence of / to a file indicates the site may have been targeted for exploitation by this vulnerability.

Let us know your thoughts in the comments.
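The access-log check described above, as an added example (not code from the article or from Wordfence): it parses Apache combined-format lines, keeps only requests carrying the local-download parameter, and flags those whose local-destination-id value is a full filesystem path. It also flags ".." traversal sequences, which is an assumption added here since the page's wording of the second indicator is truncated; the log lines are constructed for illustration.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Apache combined log format: client, timestamp, request line, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)(?: \S+)?" (?P<status>\d{3})'
)

# Constructed sample lines: two exploitation attempts, one legitimate
# backup download by id, and one unrelated request.
SAMPLE_LOG = """\
203.0.113.10 - - [06/Sep/2022:10:15:01 +0000] "GET /wp-admin/?local-download=1&local-destination-id=/etc/passwd HTTP/1.1" 200 1234 "-" "Mozilla/5.0"
203.0.113.11 - - [06/Sep/2022:10:15:03 +0000] "GET /wp-admin/?local-download=1&local-destination-id=..%2F..%2F..%2Fwp-config.php HTTP/1.1" 200 2048 "-" "curl/7.85.0"
198.51.100.5 - - [06/Sep/2022:10:16:00 +0000] "GET /wp-admin/?page=pb_backupbuddy_backup&local-download=1&local-destination-id=3 HTTP/1.1" 200 512 "-" "Mozilla/5.0"
198.51.100.6 - - [06/Sep/2022:10:17:00 +0000] "GET /index.php HTTP/1.1" 200 9000 "-" "Mozilla/5.0"
"""


def is_suspicious_destination(value: str) -> bool:
    """True when the parameter value is a full path (page's indicator) or,
    by assumption, contains a directory-traversal sequence."""
    v = unquote(value)  # second decode catches double-encoded values
    return v.startswith(("/", "\\")) or ".." in v


def scan_access_log(text: str) -> list:
    """Return one record per request that matches the compromise indicators."""
    hits = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        query = parse_qs(urlsplit(m["path"]).query, keep_blank_values=True)
        if "local-download" not in query:
            continue  # the parameter pair is required, not the path alone
        flagged = [v for v in query.get("local-destination-id", [])
                   if is_suspicious_destination(v)]
        if flagged:
            hits.append({"ip": m["ip"], "time": m["time"],
                         "status": m["status"], "destination": flagged[0]})
    return hits


if __name__ == "__main__":
    for hit in scan_access_log(SAMPLE_LOG):
        print(f"{hit['time']} {hit['ip']} status={hit['status']} -> {hit['destination']}")
```

A legitimate download by numeric backup id (the third line) is not reported, because the page's indicator is the parameter pair combined with a path value, not the parameters alone.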