all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Critical RCE Vulnerability Patched in Backup Migration Plugin

Add to bookmarks
Dec. 13, 2023, 10:33 p.m. | Sucuri Malware Research Team

Sucuri Blog blog.sucuri.net

On December 6th, 2023, the WordPress plugin Backup Migration received a critical security patch for a remote code execution vulnerability. Details were released five days later after users were given an opportunity to install the patch, although the official CVE is still locked down in “reserved” mode.


Website administrators are advised to update to the most recent version 1.3.8 which contains several crucial security improvements. The vulnerability is ranked as 9.8 on the CVSS scale, so it’s about as bad …

administrators backup code code execution critical cve december down install locked migration mode official opportunity patch plugin rce remote code remote code execution security security advisory security patch vulnerability website wordpress wordpress plugin wordpress plugins and themes wordpress security

Visit resource

More from blog.sucuri.net / Sucuri Blog

Hundreds of Websites Targeted by Fake Google Chrome Update Pop-Ups 4 days, 9 hours ago | blog.sucuri.net
browser campaigns chrome chrome update +30
From Privacy to Exfiltration: Telegram’s Role in Website Malware 1 week, 3 days ago | blog.sucuri.net
abuse black hat tactics creators cybercriminals +21
WordPress Vulnerability & Patch Roundup May 2024 1 week, 5 days ago | blog.sucuri.net
attacks automated awareness disclosures +32
How to Fix the NET::ERR_CERT_DATE_INVALID Error 2 weeks, 2 days ago | blog.sucuri.net
address can certificate connection +14
Server Side Credit Card Skimmer Lodged in Obscure Plugin 2 weeks, 4 days ago | blog.sucuri.net
attackers card credit credit card +22
What is HTTP 504 Gateway Timeout & How to Fix It 3 weeks, 5 days ago | blog.sucuri.net
best practices can error errors +14
What is HTTP Error 502 Bad Gateway & How to Troubleshoot It 1 month ago | blog.sucuri.net
bad best practices can error +21
What is HTTP Error 429: Too Many Requests 1 month ago | blog.sucuri.net
access can code error +15
Mal.Metrica Redirects Users to Scam Sites 1 month, 1 week ago | blog.sucuri.net
analysts black hat tactics click compromised +11

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Senior Security Researcher - Linux MacOS EDR (Cortex)

@ Palo Alto Networks | Tel Aviv-Yafo, Israel
View on infosec-jobs.com

Sr. Manager, NetSec GTM Programs

@ Palo Alto Networks | Santa Clara, CA, United States
View on infosec-jobs.com

SOC Analyst I

@ Fortress Security Risk Management | Cleveland, OH, United States
View on infosec-jobs.com