Backup Buddy Vulnerability
A zero-day flaw in a WordPress plugin known as BackupBuddy is being actively exploited, WordPress security firm Wordfence has disclosed.
“This vulnerability makes it possible for unauthenticated users to download arbitrary files from the affected site which can include sensitive information,” it said.
The vulnerability affects versions 18.104.22.168 to 8.7.4.1.
The BackupBuddy plugin for WordPress is designed to make backup management easy for WordPress site owners.
One of the features in the plugin is the ability to store backup files in a number of different locations, known as Destinations, which include Google Drive, OneDrive, and AWS, for example.
There is also the ability to store backup downloads locally via the ‘Local Directory Copy’ option. Unfortunately,
the method to download these locally stored files was insecurely implemented, making it possible for unauthenticated users to download any file stored on the server.
More specifically, the plugin registers an admin_init hook for the function intended to download local backup files, and the function itself did not have any capability checks nor any nonce validation.
This means the function could be triggered via any administrative page, including those that can be called without authentication (admin-post.php), making it possible for unauthenticated users to call the function.
The backup path is not validated, and therefore an arbitrary file could be supplied and subsequently downloaded.
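The three missing controls described above (capability check, nonce validation, path validation) are what a hardened admin_init download handler has to add. The following is an added example written for this page, not BackupBuddy's own code; the function names hd_handle_backup_download and hd_local_backup_dir, the query parameters and the backup directory are assumptions.

```php
<?php
// Added example: a hardened local-backup download handler on admin_init.
// admin_init also fires for admin-post.php, which an unauthenticated visitor
// can reach, so the hook alone proves nothing about who is calling.
add_action( 'admin_init', 'hd_handle_backup_download' );

function hd_local_backup_dir() {
    // Hypothetical backup directory under wp-content/uploads (assumption).
    $upload = wp_upload_dir();
    return trailingslashit( $upload['basedir'] ) . 'hd-backups';
}

function hd_handle_backup_download() {
    if ( ! isset( $_GET['hd_download_backup'] ) ) {
        return; // not our request, let other admin_init callbacks run
    }

    // 1. Capability check: only users allowed to manage the site may download.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient permissions.', 403 );
    }

    // 2. Nonce validation: blocks CSRF; dies with 403 if the nonce is bad.
    check_admin_referer( 'hd_download_backup' );

    // 3. Path validation: accept a bare file name only, then resolve it and
    //    confirm the real path still lies inside the backup directory.
    $name = isset( $_GET['file'] ) ? sanitize_file_name( wp_unslash( $_GET['file'] ) ) : '';
    if ( '' === $name || basename( $name ) !== $name ) {
        wp_die( 'Invalid file name.', 400 );
    }
    $dir  = realpath( hd_local_backup_dir() );
    $path = realpath( $dir . DIRECTORY_SEPARATOR . $name );
    if ( false === $dir || false === $path
        || 0 !== strpos( $path, $dir . DIRECTORY_SEPARATOR )
        || ! preg_match( '/\.zip$/i', $path ) ) {
        wp_die( 'Backup file not found.', 404 );
    }

    // All three checks passed: stream the archive and stop further output.
    nocache_headers();
    header( 'Content-Type: application/zip' );
    header( 'Content-Disposition: attachment; filename="' . $name . '"' );
    header( 'Content-Length: ' . filesize( $path ) );
    readfile( $path );
    exit;
}
```

Links that trigger the download should be generated with wp_nonce_url( $url, 'hd_download_backup' ) so the nonce in step 2 is present.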
We strongly encourage you to ensure your site has been updated to the latest patched version, 8.7.5, which iThemes has made available to all site owners running a vulnerable version regardless of licensing status.