Unauthorized Data Access in Backup Migration Plugin for WordPress by WordPress
CVE-2023-6266

7.5HIGH

Key Information:

Vendor
Wordpress
Status
Backup Migration
Vendor
CVE Published:
11 January 2024

Summary

The Backup Migration plugin for WordPress contains a vulnerability that allows unauthorized access to sensitive backup files due to inadequate path and file validation. Specifically, the weakness exists in the BMI_BACKUP case of the handle_downloading function across all versions up to 1.3.6. This flaw can lead to unauthenticated attackers downloading confidential data, including user passwords, personally identifiable information (PII), database credentials, and other sensitive content stored within backups.

Affected Version(s)

Backup Migration * <= 1.3.6

References

https://www.wordfence.com/threat-intel/vulnerabilities/id...
https://plugins.trac.wordpress.org/browser/backup-backup/...
https://plugins.trac.wordpress.org/browser/backup-backup/...

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Rafshanzani Suhada
.