New Zero-day Flaw in BackupBuddy Plugin Leaves WordPress Users at Risk

 

Wordfence, a WordPress security company, has disclosed that a zero-day vulnerability in the BackupBuddy plugin is being actively exploited. 
“This vulnerability makes it possible for unauthenticated users to download arbitrary files from the affected site which can include sensitive information,” it stated.
Users can back up their entire WordPress installation from the dashboard, including theme files, pages, posts, widgets, users, and media files, among other things. The flaw (CVE-2022-31474, CVSS score: 7.5) affects versions 8.5.8.0 to 8.7.4.1 of the plugin, which has an estimated 140,000 active installations. It was fixed in version 8.7.5, which was released on September 2, 2022. 
The problem stems from the “Local Directory Copy” function, which is intended to keep a local copy of the backups. The vulnerability, according to Wordfence, is the consequence of an insecure implementation that allows an unauthenticated threat actor to download any arbitrary file on the server. Additional information about the vulnerability has been withheld due to active in-the-wild abuse and the ease with which it can be exploited.
The plugin’s developer, iThemes, said, “This vulnerability could allow an attacker

[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.

This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents

Read the original article: