A Vulnerability in the Backup Migration Plugin for WordPress Could Allow for Remote Code Execution | allinfosecnews.com

Dec. 12, 2023, 6:18 p.m. |

Center for Internet Security - Multi-State Information Sharing and Analysis Center www.cisecurity.org

A vulnerability has been discovered in the Backup Migration Plugin for WordPress, which could allow for remote code execution. The Backup Migration Plugin helps admins automate site backups to local storage or a Google Drive account. Successful exploitation could allow for remote code execution in the context of the Server. Depending on the privileges associated with the logged on user, an attacker could then install programs; view, change, or delete data. Users whose accounts are configured to have fewer user …

account backup backups code code execution drive exploitation google google drive local migration plugin remote code remote code execution storage vulnerability wordpress

More from www.cisecurity.org / Center for Internet Security - Multi-State Information Sharing and Analysis Center

Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution 2 days, 13 hours ago | www.cisecurity.org

arbitrary code arbitrary code execution attacker chrome +9

Oracle Quarterly Critical Patches Issued April 16, 2024 1 week, 2 days ago | www.cisecurity.org

april code code execution critical +7

Multiple Vulnerabilities in Ivanti Avalanche Could Allow for Remote Code Execution 1 week, 2 days ago | www.cisecurity.org

authentication avalanche code code execution +23

Multiple Vulnerabilities in Google Chrome Could Allow for Remote Code Execution 1 week, 2 days ago | www.cisecurity.org

attacker chrome code code execution +9

Multiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution 1 week, 3 days ago | www.cisecurity.org

access arbitrary code arbitrary code execution browser +17

A Vulnerability in PAN-OS Could Allow for Arbitrary Code Execution 2 weeks ago | www.cisecurity.org

alto arbitrary code arbitrary code execution code +16

Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution 2 weeks, 2 days ago | www.cisecurity.org

arbitrary code arbitrary code execution attacker chrome +9

Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution 2 weeks, 3 days ago | www.cisecurity.org

adobe adobe after effects adobe commerce after effects +14

Critical Patches Issued for Microsoft Products, April 09, 2024 2 weeks, 3 days ago | www.cisecurity.org

accounts april attacker change +14

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations

View on infosec-jobs.com

Data & Security Engineer Lead

@ LiquidX | Singapore, Central Singapore, Singapore

View on infosec-jobs.com

IT and Cyber Risk Control Lead

@ GXS Bank | Singapore - OneNorth

View on infosec-jobs.com

Consultant Senior en Gestion de Crise Cyber et Continuité d’Activité H/F

@ Hifield | Sèvres, France

View on infosec-jobs.com

Cyber Security Analyst (Weekend 1st Shift)

@ Fortress Security Risk Management | Cleveland, OH, United States

View on infosec-jobs.com

Senior Manager, Cybersecurity

@ BlueTriton Brands | Stamford, CT, US

View on infosec-jobs.com