High severity vulnerability in a WordPress backup plugin makes it possible for unauthenticated attackers to launch an attack.
A high severity vulnerability in a popular WordPress backup plugin can be exploited by unauthenticated attackers. The vulnerability is rated 8.8 on a scale of 0.0 to 10.0.
UpdraftPlus: WP Backup & Migration Plugin
The vulnerability affects the popular Updraft Plus WordPress plugin, installed on over 3 million websites. Updraft Plus comes in a free and a paid version and lets users upload backups to their own cloud storage or have the files emailed to them. Users can back up the website manually or schedule automatic backups. The plugin offers a great deal of flexibility in what can be backed up, which can make a huge difference when recovering from a catastrophic server issue, and it is also useful for migrating to a different server altogether.
Wordfence explains the vulnerability:
“The UpdraftPlus: WP Backup & Migration Plugin plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.24.11 via deserialization of untrusted input in the ‘recursive_unserialized_replace’ function. This makes it possible for unauthenticated attackers to inject a PHP Object.
No known POP chain is present in the vulnerable software. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code. An administrator must perform a search and replace action to trigger the exploit.”
The Updraft Plus changelog seems to minimize the vulnerability: it doesn’t even call the update a security patch, labeling it instead as a “tweak.”
From the official Updraft Plus WordPress plugin changelog:
“TWEAK: Complete the review and removal of calls to the unserialize() PHP function allowing class instantiation begun in 1.24.7. (The final removal involved a theoretical security defect, if your development site allowed an attacker to post content to it which you migrated to another site, and which contained customised code that could perform destructive actions which the attacker knew about, prior to you then cloning the site. The result of this removal is that some search-replaces, highly unlikely to be encountered in practice, will be skipped).”
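The Wordfence description and the changelog entry above both come down to the same coding pattern: a search-and-replace routine that calls unserialize() on strings found in site data, which lets serialized input instantiate classes. The following is an added illustration written for this article, not UpdraftPlus code; the function and sample values are constructed, and it shows the unsafe pattern next to the hardened one, which passes allowed_classes => false and skips serialized objects instead of rewriting them (the trade-off the changelog describes).

```php
<?php
// Added illustration (not UpdraftPlus code): search-replace over values that
// may be serialized PHP, as found in WordPress options during a migration.

// Unsafe pattern: unserialize() with default options instantiates any class
// named in the input, so attacker-controlled serialized data reaching this
// function can create objects (PHP Object Injection).
function replace_in_serialized_unsafe(string $data, string $from, string $to): string {
    $value = @unserialize($data);
    if ($value === false && $data !== 'b:0;') {
        return str_replace($from, $to, $data); // not serialized: plain replace
    }
    return serialize(replace_recursive($value, $from, $to));
}

// Hardened pattern: allowed_classes => false turns every object in the input
// into __PHP_Incomplete_Class, so no real class's __wakeup() or __destruct()
// runs. Values containing objects are returned untouched (the replace is skipped).
function replace_in_serialized_safe(string $data, string $from, string $to): string {
    $value = @unserialize($data, ['allowed_classes' => false]);
    if ($value === false && $data !== 'b:0;') {
        return str_replace($from, $to, $data);
    }
    if (contains_object($value)) {
        return $data; // cannot safely round-trip an object: leave as-is
    }
    return serialize(replace_recursive($value, $from, $to));
}

function contains_object($value): bool {
    if (is_object($value)) return true;
    if (is_array($value)) {
        foreach ($value as $v) if (contains_object($v)) return true;
    }
    return false;
}

function replace_recursive($value, string $from, string $to) {
    if (is_string($value)) return str_replace($from, $to, $value);
    if (is_array($value)) {
        foreach ($value as $k => $v) $value[$k] = replace_recursive($v, $from, $to);
    }
    return $value;
}

// Constructed samples: a serialized array (rewritten) and a serialized object
// of a class that does not exist here (skipped by the hardened function).
$option = serialize(['home' => 'http://dev.example', 'n' => 1]);
echo replace_in_serialized_safe($option, 'http://dev.example', 'https://prod.example'), "\n";
$obj = 'O:8:"SomeType":1:{s:4:"path";s:8:"/tmp/old";}';
echo replace_in_serialized_safe($obj, '/tmp/old', '/tmp/new'), "\n";
```

The second call returns the input unchanged, which is the "some search-replaces will be skipped" behaviour the changelog mentions.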
Updraft Plus Vulnerability Patched
Users are advised to consider updating their installations of Updraft Plus to the latest version, 1.24.12. All prior versions are vulnerable.
Read the Wordfence advisory:
UpdraftPlus: WP Backup & Migration Plugin <= 1.24.11 – Unauthenticated PHP Object Injection
Roger Montti, SEJ Staff, Owner at Martinibuster.com