all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Critical RCE Vulnerability Patched in Backup Migration Plugin

Add to bookmarks
Dec. 13, 2023, 10:33 p.m. | Sucuri Malware Research Team

Sucuri Blog blog.sucuri.net

On December 6th, 2023, the WordPress plugin Backup Migration received a critical security patch for a remote code execution vulnerability. Details were released five days later after users were given an opportunity to install the patch, although the official CVE is still locked down in “reserved” mode.


Website administrators are advised to update to the most recent version 1.3.8 which contains several crucial security improvements. The vulnerability is ranked as 9.8 on the CVSS scale, so it’s about as bad …

administrators backup code code execution critical cve december down install locked migration mode official opportunity patch plugin rce remote code remote code execution security security advisory security patch vulnerability website wordpress wordpress plugin wordpress plugins and themes wordpress security

Visit resource

More from blog.sucuri.net / Sucuri Blog

What is a Zero-Day Vulnerability? 1 day, 14 hours ago | blog.sucuri.net
best practices can dev dev teams +19
What is Cookie Hijacking 3 days, 16 hours ago | blog.sucuri.net
access accounts application attackers +25
JavaScript Malware Switches to Server-Side Redirects & DNS TXT Records as TDS 1 week, 1 day ago | blog.sucuri.net
august black hat tactics campaign cloud +30
WordPress Maintenance: Tasks & Best Practices 1 week, 3 days ago | blog.sucuri.net
best practices can expertise guide +10
Credit Card Skimmer Hidden in Fake Facebook Pixel Tracker 2 weeks, 1 day ago | blog.sucuri.net
admin amp area attackers +32
Web Shells: Types, Mitigation & Removal 2 weeks, 4 days ago | blog.sucuri.net
access attackers best practices compromised +33
Magento Shoplift: Ecommerce Malware Targets Both WordPress & Magento CMS 3 weeks, 3 days ago | blog.sucuri.net
adoption black hat tactics can cms +19
WordPress Vulnerability & Patch Roundup March 2024 1 month ago | blog.sucuri.net
attacks automated awareness best practices +32
Sign1 Malware: Analysis, Campaign History & Indicators of Compromise 1 month ago | blog.sucuri.net
analysis campaign clear client +20

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Director, Cybersecurity - Governance, Risk and Compliance (GRC)

@ Stanley Black & Decker | New Britain CT USA - 1000 Stanley Dr
View on infosec-jobs.com

Information Security Risk Metrics Lead

@ Live Nation Entertainment | Work At Home-Connecticut
View on infosec-jobs.com

IT Product Owner - Enterprise DevSec Platform (d/f/m)

@ Airbus | Hamburg - Finkenwerder
View on infosec-jobs.com

Senior Information Security Specialist

@ Arthur Grand Technologies Inc | Arlington, VA, United States
View on infosec-jobs.com

Information Security Controls SME

@ Sword | Aberdeen, Scotland, United Kingdom
View on infosec-jobs.com
View more jobs