
WordPress Backup Migration Plugin Flaw Exposes 90K Websites to RCE Attacks


Written by: Shipra Sanganeria, Cybersecurity & Tech Writer

Fact-checked by: Justyn Newman, Head Content Manager

A popular WordPress plugin with over 90,000 active installs makes many websites vulnerable to potential remote code execution (RCE) attacks.

The plugin known as Backup Migration has various functionalities like scheduling automatic site backups to specific storage facilities.

Tracked as CVE-2023-6553, the vulnerability has a CVSS score of 9.8 and allows unauthenticated threat actors to fully compromise a site by exploiting the flaw to inject arbitrary PHP code.

"The Backup Migration plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.3.7 via the /includes/backup-heart.php file," the Wordfence team said.

"This is due to an attacker being able to control the values passed to an include, and subsequently leverage that to achieve remote code execution. This makes it possible for unauthenticated threat actors to easily execute code on the server."

The RCE vulnerability was reported by Wordfence to BackupBliss, the development team behind Backup Migration. Within hours of the report, a patch fixing the vulnerability was released. Nevertheless, Wordfence reported that, before the publication of its blog post, it had already blocked 394 attacks.

Administrators and developers are advised to update and secure their websites against this critical vulnerability by applying the latest patched version of Backup Migration (version 1.3.8).
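The practical check behind that advice is whether the installed plugin version is at or above 1.3.8. The script below is an added example, not code from the article, from Wordfence or from BackupBliss: it reads the standard WordPress plugin header comment (the `Version:` line that every plugin's main PHP file carries), parses it into a comparable tuple, and reports whether the install falls in the affected range (all versions up to and including 1.3.7). The sample header embedded at the bottom is constructed for demonstration; the plugin directory path and the header layout are assumptions about a typical install, and the fixed-version constant is taken from the article.

```python
"""Audit a WordPress plugin directory for the Backup Migration versions affected by CVE-2023-6553."""
import re
from pathlib import Path
from typing import Dict, Iterator, Optional, Tuple

# Per the article: versions up to and including 1.3.7 are affected; 1.3.8 carries the fix.
FIXED_VERSION: Tuple[int, ...] = (1, 3, 8)

# WordPress plugin headers are PHP comment lines of the form "Version: 1.3.7".
_VERSION_RE = re.compile(r"^\s*\*?\s*Version:\s*([0-9]+(?:\.[0-9]+)*)\s*$", re.MULTILINE)


def parse_version(text: str) -> Tuple[int, ...]:
    """Turn a dotted version string such as '1.3.7' into an int tuple for safe comparison.

    Tuple comparison is used instead of string comparison so that '1.10.0' sorts
    after '1.3.8' (a plain string compare would get that wrong).
    """
    return tuple(int(part) for part in text.strip().split("."))


def header_version(php_source: str) -> Optional[Tuple[int, ...]]:
    """Extract the plugin version from a main-file header comment, or None if absent."""
    match = _VERSION_RE.search(php_source)
    return parse_version(match.group(1)) if match else None


def is_vulnerable(version: Tuple[int, ...]) -> bool:
    """True when the version is below the fixed release (1.3.8), i.e. <= 1.3.7."""
    return version < FIXED_VERSION


def assess_source(php_source: str) -> Dict[str, object]:
    """Assess one plugin main file's text and return a structured verdict."""
    version = header_version(php_source)
    if version is None:
        return {"version": None, "status": "unknown", "reason": "no Version: header found"}
    status = "vulnerable" if is_vulnerable(version) else "patched"
    return {
        "version": ".".join(str(p) for p in version),
        "status": status,
        "reason": f"fixed in {'.'.join(str(p) for p in FIXED_VERSION)}",
    }


def audit_plugin_dir(plugin_dir: Path) -> Iterator[Tuple[Path, Dict[str, object]]]:
    """Yield a verdict for each top-level PHP file in the plugin directory that carries a header.

    The directory path is an assumption about a typical install; only the main plugin
    file normally has a 'Version:' header, so other files are skipped.
    """
    for php_file in sorted(plugin_dir.glob("*.php")):
        verdict = assess_source(php_file.read_text(encoding="utf-8", errors="replace"))
        if verdict["version"] is not None:
            yield php_file, verdict


# Constructed sample header, shaped like a WordPress plugin main file (not the real plugin's file).
SAMPLE_VULNERABLE_HEADER = """<?php
/**
 * Plugin Name: Backup Migration
 * Version: 1.3.7
 */
"""

SAMPLE_PATCHED_HEADER = """<?php
/**
 * Plugin Name: Backup Migration
 * Version: 1.3.8
 */
"""

if __name__ == "__main__":
    # Offline demonstration on the constructed samples.
    for label, sample in (("sample 1.3.7", SAMPLE_VULNERABLE_HEADER), ("sample 1.3.8", SAMPLE_PATCHED_HEADER)):
        print(label, "->", assess_source(sample))
    # On a real host, point this at the plugin directory under wp-content/plugins (path assumed):
    # for path, verdict in audit_plugin_dir(Path("/var/www/html/wp-content/plugins/backup-backup")):
    #     print(path, verdict)
```

The verdict for the 1.3.7 sample is `vulnerable` and for the 1.3.8 sample `patched`; a file with no `Version:` header reports `unknown` rather than silently passing, which is the safer default when an audit cannot establish the version.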

The vulnerability was identified by a team of bug hunters called Nex Team, who reported it to Wordfence under its bug bounty program. The team reported the bug on December 5, and the very next day Wordfence validated it and confirmed the proof-of-concept exploit.

It released a firewall rule to protect customers and sent over the full disclosure details to the plugin developer, who released a fix after acknowledging the report.

Wordfence's bug bounty program has been a notable success, with nearly 130 vulnerability submissions and the registration of over 270 vulnerability researchers.
