High Severity WordPress Plugin Bug Hits Three Million
Security experts are urging users of a popular WordPress plugin to update immediately after a bug was found that could allow attackers to steal sensitive data and potentially even hijack vulnerable sites.
UpdraftPlus describes itself as “the world’s most trusted WordPress backup.”
This makes it a “treasure trove” of valuable data, including configuration files that could be used to access websites’ backend databases and their contents, warned security vendor Wordfence.
Unfortunately, the new vulnerability (CVE-2022-0633) could allow any logged-in user, including subscriber-level users, to download backups made with the plugin.
“One of the features that the plugin implemented was the ability to send backup download links to an email of the site owner’s choice,” the firm explained. “Unfortunately, this functionality was insecurely implemented making it possible for low-level authenticated users like subscribers to craft a valid link that would allow them to download backup files.”
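The flaw described above is an authorization failure: the download handler trusted the validity of a link token alone and never asked whether the requester was allowed to manage backups. The following added, hypothetical WordPress snippet illustrates that pattern beside its hardened form; it is not UpdraftPlus code and does not reproduce the actual CVE-2022-0633 logic. The action names, the `backup` query parameter, the `myplugin-backups` directory and the `myplugin_stream_backup` helper are all assumptions.

```php
<?php
// Hypothetical illustration, not UpdraftPlus code. All names here are assumptions.

// VULNERABLE PATTERN: the only gate is a valid token. Any logged-in user,
// subscriber included, who holds a valid link reaches the backup file.
add_action( 'wp_ajax_myplugin_download_backup_insecure', function () {
    check_ajax_referer( 'myplugin_download_backup' );       // proves the token is valid, nothing more
    $name = basename( wp_unslash( $_GET['backup'] ?? '' ) ); // e.g. "backup_2022-02-15_db.gz" (constructed)
    myplugin_stream_backup( WP_CONTENT_DIR . '/myplugin-backups/' . $name );
} );

// HARDENED PATTERN: capability check first, then the token, then a strict path check.
add_action( 'wp_ajax_myplugin_download_backup', function () {
    // 1. Role gate: a subscriber fails here no matter what link they present.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Forbidden', '', array( 'response' => 403 ) );
    }
    // 2. CSRF token bound to this action (check_ajax_referer dies on failure).
    check_ajax_referer( 'myplugin_download_backup' );
    // 3. Serve only a plain file name from the plugin's own backup directory.
    $dir  = realpath( WP_CONTENT_DIR . '/myplugin-backups' );
    $name = basename( sanitize_file_name( wp_unslash( $_GET['backup'] ?? '' ) ) );
    $path = ( false === $dir || '' === $name ) ? false : realpath( $dir . '/' . $name );
    // Reject anything that resolves outside $dir (symlinks, traversal) or is not a file.
    if ( false === $path || 0 !== strpos( $path, $dir . '/' ) || ! is_file( $path ) ) {
        wp_die( 'Not found', '', array( 'response' => 404 ) );
    }
    myplugin_stream_backup( $path );
} );

// Hypothetical helper shared by both handlers: streams the archive as a download.
function myplugin_stream_backup( $path ) {
    nocache_headers();
    header( 'Content-Type: application/octet-stream' );
    header( 'Content-Disposition: attachment; filename="' . basename( $path ) . '"' );
    readfile( $path );
    exit;
}
```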
Threat actors would need an active account on a victim’s system to exploit the vulnerability, meaning it would be largely confined to highly targeted attacks. Even so, its CVSS score of 8.5 rates it as high severity.
“The consequences of a successful targeted attack are likely to be severe, as they could include leaked passwords and PII, and in some cases site takeover if the attacker is able to obtain database credentials from a configuration file and successfully access the site database,” said Wordfence.
All UpdraftPlus users are urged to upgrade to version 1.22.3, which fixes the bug.
“WordPress represents one of the largest backends of websites on the internet. The security problems in WordPress come from its vast ecosystem of plugins that run the gamut from capable developers to hobbyists,” explained Netenrich principal threat hunter, John Bambenek.
“Access to the backups and database will likely first be used for credential theft, but there are many possibilities for attackers to take advantage of the information. It’s a good and proactive move for WordPress to have its own threat intel team that is working vulnerabilities in third-party plugins.”