CyberSecurityBoard
Sponsor Register Login

Flaws in Backup Migration and Elementor WordPress Plugins Allow Remote Code Execution

Critical remote code execution vulnerabilities have been found in two popular WordPress plugins.
The affected plugins, Backup Migration and Elementor, have a combined user base of more than five million.
Elementor is the most popular of the two, with more than five million active installations.
A website builder plugin, it helps administrators quickly create sites without writing a single line of code.
The issue was identified in Elementor version 3.17.3 and an incomplete patch was included in version 3.18.1.
On Friday, Elementor version 3.18.2 was released with a complete fix.
Backup Migration, a plugin for creating site backups and restoring them, has more than 90,000 active installations.
A vulnerability, tracked as CVE-2023-6553, was identified in the /includes/backup-heart.
Php file that the plugin uses, the Wordfence team at WordPress security firm Defiant explains.
Because an attacker can control the values passed to the include, the attacker could achieve RCE on the server, without authentication.
The security defect impacts Backup Migration versions 1.3.7 and earlier and was addressed with the release of versions 1.3.8.
Based on WordPress statistics, millions of websites are running outdated versions of the two plugins.
Site owners, administrators, and developers are advised to update to the latest versions of Elementor and Backup Migration as soon as possible.
There is no mention of any of these flaws being exploited in attacks, but unpatched vulnerabilities in WordPress plugins are often leveraged by threat actors.


This Cyber News was published on www.securityweek.com. Publication date: Tue, 12 Dec 2023 14:43:20 +0000


Cyber News related to Flaws in Backup Migration and Elementor WordPress Plugins Allow Remote Code Execution

Flaws in Backup Migration and Elementor WordPress Plugins Allow Remote Code Execution - Critical remote code execution vulnerabilities have been found in two popular WordPress plugins. The affected plugins, Backup Migration and Elementor, have a combined user base of more than five million. Elementor is the most popular of the two, with ...
6 months ago Securityweek.com
Developer Accounts Compromised Due to Credential Reuse in WordPress.org Supply Chain Attack - On June 24th, 2024, the Wordfence Threat Intelligence Team became aware of a WordPress plugin, Social Warfare, that was infected with malware through the WordPress repository. We immediately notified the WordPress Plugin's Team and they removed the ...
6 days ago Wordfence.com
Critical Unauthenticated Remote Code Execution Found in Backup Migration Plugin - Wordfence just launched its bug bounty program. On December 5th, 2023, shortly after the launch of our Holiday Bug Extravaganza, we received a submission for a PHP Code Injection vulnerability in Backup Migration, a WordPress plugin with over 90,000+ ...
6 months ago Wordfence.com
Critical WordPress Plug-in RCE Bug Exposes Reams of Websites to Takeover - A critical unauthenticated remote control execution bug in a backup plug-in that's been downloaded more than 90,000 times exposes vulnerable WordPress sites to takeover - another example of the epidemic of risk posed by flawed plug-ins for the ...
6 months ago Darkreading.com
50K WordPress sites exposed to RCE attacks by critical bug in backup plugin - A critical severity vulnerability in a WordPress plugin with more than 90,000 installs can let attackers gain remote code execution to fully compromise vulnerable websites. Known as Backup Migration, the plugin helps admins automate site backups to ...
6 months ago Bleepingcomputer.com
3 More Plugins Infected in WordPress.org Supply Chain Attack Due to Compromised Developer Passwords - Update #1: As of 12:36PM EST, another plugin has been infected. We've updated the list below to include this fourth plugin and the plugins team has been notified. Update #2: As of 2:20 PM EST, two more plugins appear to have malicious commits the ...
4 days ago Wordfence.com
75K+ WordPress Sites Impacted by Critical Plugin Flaws - A large-scale breach has impacted more than 75,000 WordPress sites that are running an online course plugin. According to security researchers, the plugin has three critical vulnerabilities that could expose customer data and be used to take over ...
1 year ago Bleepingcomputer.com
CVE-2023-2813 - All of the above Aapna WordPress theme through 1.3, Anand WordPress theme through 1.2, Anfaust WordPress theme through 1.1, Arendelle WordPress theme before 1.1.13, Atlast Business WordPress theme through 1.5.8.5, Bazaar Lite WordPress theme before ...
9 months ago
Business Data Backup and Recovery Planning - Data backup and recovery planning is essential in today's interconnected and data-driven business landscape. By understanding the significance of data backup and recovery planning, businesses can effectively protect their critical information and ...
4 months ago Securityzap.com
WordPress Request Architecture and Hooks - Before diving into the security features of WordPress, it's critical to understand the underlying request architecture. WordPress is a dynamic system that processes and responds to user requests in various ways, depending on the nature of the request ...
1 day ago Wordfence.com
ChatGPT Extensions Could be Exploited to Steal Data and Sensitive Information - API security professionals Salt Security have released new threat research from Salt Labs highlighting critical security flaws within ChatGPT plugins, presenting a new risk for enterprises. Plugins provide AI chatbots like ChatGPT access and ...
3 months ago Itsecurityguru.org
GCP to AWS migration: A Comprehensive Guide - Embarking on a GCP to AWS migration journey can be both exciting and challenging. Before we dive into the technical details, let's explore why businesses might consider migrating from GCP to AWS. While GCP offers a range of services, AWS boasts an ...
5 months ago Feeds.dzone.com
An Inside Look at The Malware and Techniques Used in the WordPress.org Supply Chain Attack - After adding the malicious code to our Threat Intelligence Database and examining it, we quickly discovered that several other plugins were also affected. We will begin with the Blaze Widget plugin which saw the largest amount of activity in terms of ...
5 days ago Wordfence.com
Discovering SSRF Flaws in Microsoft Azure Services - Microsoft Azure is an incredibly popular cloud computing platform and its services are used around the world. Recently, security researchers uncovered several Server-Side Request Forgery (SSRF) flaws in many of Microsoft Azure’s services. This type ...
1 year ago Securityaffairs.com
Record Breaking $153,000+ Already Invested into the Security of the WordPress Ecosystem by Wordfence - In just a few short months since our launch in November of last year, the Wordfence Bug Bounty Program has already awarded over $153,000 in bounties to WordPress security researchers who have been responsibly reporting security issues in WordPress ...
3 months ago Wordfence.com
Code Execution Update: Improve WordPress Security - In the ever-evolving landscape of digital security, WordPress has recently released a critical code execution update, version 6.4.2, addressing a potential threat that could jeopardize the integrity of vulnerable sites. This update, triggered by the ...
6 months ago Securityboulevard.com
CVE-2023-40004 - Missing Authorization vulnerability in ServMask All-in-One WP Migration Box Extension, ServMask All-in-One WP Migration OneDrive Extension, ServMask All-in-One WP Migration Dropbox Extension, ServMask All-in-One WP Migration Google Drive ...
1 week ago
Veeam Data Platform 23H2 update enhances resilience against ransomware - 1 release as well as Veeam ONE v12.1 and Veeam Recovery Orchestrator v7. This latest release from Veeam, with a focus on radical resilience, includes hundreds of new features and enhancements designed to not only protect enterprises' most critical ...
6 months ago Helpnetsecurity.com
Over 1,450 pfSense servers exposed to RCE attacks via bug chain - Roughly 1,450 pfSense instances exposed online are vulnerable to command injection and cross-site scripting flaws that, if chained, could enable attackers to perform remote code execution on the appliance. PfSense is a popular open-source firewall ...
6 months ago Bleepingcomputer.com
JetBrains TeamCity Exploits Continue - This week's news includes open-source software vulnerabilities, endangered data, and continued attacks from state-sponsored Russian threat groups. Type of vulnerability: Cross-site scripting and command injection. The problem: Code analysis software ...
6 months ago Esecurityplanet.com
Haier hits Home Assistant plugin dev with takedown notice - Appliances giant Haier issued a takedown notice to a software developer for creating Home Assistant integration plugins for the company's home appliances and releasing them on GitHub. Haier is a multinational home appliances and consumer electronics ...
5 months ago Bleepingcomputer.com
Veeam adds BaaS capabilities for Veeam Backup for Microsoft 365 - Veeam Software has expanded its relationship with Microsoft. Veeam is making it easier for customers to protect Microsoft 365 with Cirrus by Veeam which brings the ease and flexibility of Backup-as-a-Service for Microsoft 365. Utilizing the power and ...
6 months ago Helpnetsecurity.com
Microsoft: Multiple Perforce Server Flaws Allow for Network Takeover - Microsoft has identified four vulnerabilities in the Perforce source-code management platform, the most critical of which gives attackers access to a highly privileged Windows OS account to potentially take over the system via remote code execution ...
6 months ago Darkreading.com
7 Keys to an Effective Hybrid Cloud Migration Strategy - Not very long ago, a hybrid cloud migration strategy amounted to a business extending its internal workloads into an environment it doesn't own. A hybrid cloud strategy was relatively simple - a combination of on-site resources and some type of cloud ...
5 months ago Techtarget.com
4500+ WordPress Sites Hacked with a Monero Cryptojacking Campaign - Security researchers recently reported the discovery of a massive Monero hacking campaign targeted at WordPress sites. According to reports, more than 4500 WordPress sites were compromised with a malicious cryptocurrency-mining campaign. The hackers ...
1 year ago Thehackernews.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)