The developers of the popular UpdraftPlus plugin released a series of updates to address a vulnerability that allowed any authenticated user of a WordPress site running the plugin, regardless of role, to download the site's backups, which could lead to the leakage of sensitive information such as database contents and configuration files stored in those backups.

Wordfence researchers published a proof of concept (PoC). Their analysis notes two preconditions: a backup must actually exist on the site, and the attacker must know or guess the timestamp of the backup they want to download. According to the researchers, other features of the plugin make the flaw more exploitable than those preconditions alone would suggest.

UpdraftPlus announced that the flaw was addressed in version 1.22.3 and asked users of affected versions to update as soon as possible. “UpdraftPlus is a backup plugin and as such is expected to allow you to download this information. One of its main features is the ability to send links for the download of these backups to a default email address; unfortunately, this functionality was implemented insecurely, allowing low-level authenticated users to create valid links to download backup files,” the developers said.

The flaw lies in the check UpdraftPlus_Options::admin_page() === $pagenow, which the plugin used to decide whether a request originated from its own settings screen. Because $pagenow only reflects which admin page a request appears to target, not what the requesting user is permitted to do, an attacker could craft a request that the plugin interprets as being for options-general.php while WordPress still routes it through admin-post.php, an endpoint that any logged-in user is allowed to reach. The page-based check therefore passed for a low-privileged account.
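As an added illustration, not UpdraftPlus's code and not Wordfence's PoC, the hypothetical WordPress admin-post handlers below contrast an authorisation check of the shape described above (an equality test on the page the request appears to come from) with a check based on the user's capability and a nonce bound to the download action. Every function name, the nonce action string, the query parameters and the backup directory are assumptions made for the example.

```php
<?php
/**
 * Added example (not UpdraftPlus code). Names such as my_backup_download,
 * my_backup_dir and the 'my_backup_download' nonce action are hypothetical.
 *
 * admin_post_{action} hooks fire for ANY logged-in user, whatever their role,
 * so the handler itself is the only gate between a subscriber and the file.
 */

// Hypothetical location of backup archives.
function my_backup_dir() {
    $upload = wp_upload_dir();
    return $upload['basedir'] . '/my-backups';
}

// Streams one archive to the client.
function my_send_backup_file( $path ) {
    nocache_headers();
    header( 'Content-Type: application/octet-stream' );
    header( 'Content-Disposition: attachment; filename="' . basename( $path ) . '"' );
    header( 'Content-Length: ' . filesize( $path ) );
    readfile( $path );
    exit;
}

// --- Weak pattern: decide by the page the request appears to target ----------
// $pagenow is a WordPress global derived from the request path. This check
// answers "which admin screen is this?", not "may this user download backups?".
// Any routing trick that makes $pagenow look like the expected page while the
// request is still dispatched through admin-post.php passes it, and every
// logged-in user reaching the handler is then served the file.
function my_backup_download_weak() {
    global $pagenow;
    if ( 'options-general.php' !== $pagenow ) {
        wp_die( 'Not on the settings page' );
    }
    $name = sanitize_file_name( wp_unslash( $_GET['file'] ?? '' ) );
    my_send_backup_file( my_backup_dir() . '/' . $name );
}

// --- Hardened pattern: capability + nonce, independent of $pagenow -----------
function my_backup_download_secure() {
    // 1. Authorisation: only users allowed to manage the site get backups.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient privileges', 403 );
    }

    // 2. Request integrity: the link must carry a nonce for this exact action.
    //    wp_verify_nonce() returns false for missing, forged or expired values.
    $nonce = isset( $_GET['_wpnonce'] ) ? sanitize_text_field( wp_unslash( $_GET['_wpnonce'] ) ) : '';
    if ( ! wp_verify_nonce( $nonce, 'my_backup_download' ) ) {
        wp_die( 'Invalid or expired download link', 403 );
    }

    // 3. Path confinement: resolve and make sure the file is inside the backup
    //    directory, so a crafted name cannot reach wp-config.php or similar.
    $name = sanitize_file_name( wp_unslash( $_GET['file'] ?? '' ) );
    $dir  = realpath( my_backup_dir() );
    $path = ( '' !== $name && false !== $dir ) ? realpath( $dir . '/' . $name ) : false;
    if ( false === $path || 0 !== strpos( $path, $dir . DIRECTORY_SEPARATOR ) || ! is_file( $path ) ) {
        wp_die( 'No such backup', 404 );
    }
    my_send_backup_file( $path );
}
add_action( 'admin_post_my_backup_download', 'my_backup_download_secure' );

// Producing a link that passes the hardened check. An "email me a download
// link" feature must generate links this way: the nonce is what stops a user
// who merely knows (or guesses) the file name from assembling a valid URL.
function my_backup_download_link( $file ) {
    return add_query_arg(
        array(
            'action'   => 'my_backup_download',
            'file'     => $file,
            '_wpnonce' => wp_create_nonce( 'my_backup_download' ),
        ),
        admin_url( 'admin-post.php' )
    );
}
```

Two caveats on the hardened version. WordPress nonces are bound to the logged-in user and expire after 12 to 24 hours, so an emailed link only works for the administrator who generated it and only for a limited time; a link that must outlive that window should instead carry a random, server-stored token with its own expiry and owner, checked with hash_equals(). And the capability check is the part that actually closes the class of bug on this page: a nonce alone does not help if a low-privileged user can obtain one for the action, which is why the two checks are layered rather than substituted for each other.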

Exploiting the vulnerability also requires the attacker to control an active account on the affected site. “Due to its features, the attack is likely to only be used in targeted attacks,” the researchers add.

Wordfence concluded its report by recommending users upgrade to the latest version available: “We recommend WordPress website administrators using this plugin to update as soon as possible to mitigate the risk of sensitive data leakage.” The researchers also mentioned that so far no active exploitation attempts have been detected.

The post Secure your WordPress backups. Critical vulnerability in UpdraftPlus plugin affects millions of websites appeared first on Information Security Newspaper | Hacking News.
