"High Severity WordPress Plugin Bug Hits Three Million"

Security experts at Wordfence are urging users of a popular WordPress plugin to update immediately after a bug was found that could allow attackers to steal sensitive data and potentially even hijack vulnerable sites. UpdraftPlus describes itself as "the world's most trusted WordPress backup." The researchers noted that backups made with UpdraftPlus contain valuable data, including configuration files that could be used to access websites' backend databases and their contents.

The new vulnerability, CVE-2022-0633, could allow any logged-in user, including subscriber-level users, to download backups made with the plugin. One of the plugin's features is the ability to send backup download links to an email address of the site owner's choice; the researchers stated that this functionality was insecurely implemented, making it possible for low-level authenticated users such as subscribers to craft a valid link and download backup files.

The researchers noted that threat actors would need an active account on a victim's system to exploit the vulnerability, meaning it would be largely confined to highly targeted attacks. However, the bug carries a CVSS score of 8.5, rated high severity. The researchers stated that the consequences of a successful targeted attack are likely to be severe: they could include leaked passwords and PII and, in some cases, site takeover if the attacker is able to obtain database credentials from a configuration file and access the site database. All UpdraftPlus users are urged to upgrade to version 1.22.3, which fixes the bug.
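The failure mode described above is a download endpoint that treats "logged in" as "authorized" and hands out links any authenticated user can reconstruct. The following is an added illustration written for this summary, not UpdraftPlus code and not a description of its internals: a hypothetical WordPress backup-download handler in its weak form beside a hardened form that requires an administrator capability to mint a link and binds each link to the file, the issuing user and an expiry with an HMAC. The backup directory, the `stream_backup` helper and the `backup_download` action name are assumptions.

```php
<?php
// Hypothetical helper (assumption): send one file from an assumed backup directory.
function stream_backup(string $file): void {
    $path = WP_CONTENT_DIR . '/backups/' . basename($file);   // basename blocks traversal
    if (!is_file($path)) { wp_die('not found', '', ['response' => 404]); }
    header('Content-Type: application/octet-stream');
    header('Content-Disposition: attachment; filename="' . basename($path) . '"');
    readfile($path);
    exit;
}

// WEAK PATTERN: authentication is mistaken for authorization. The link carries no
// secret, so any logged-in user, a subscriber included, can build it and fetch a backup.
function weak_backup_download(string $file): void {
    if (!is_user_logged_in()) {
        wp_die('forbidden', '', ['response' => 403]);
    }
    stream_backup($file);
}

// HARDENED: only an administrator may issue a link, and the link is signed over
// file + issuing user + expiry using the site's auth salt as the HMAC key.
function issue_backup_link(string $file): ?string {
    if (!current_user_can('manage_options')) {
        return null;                                   // subscribers get no link at all
    }
    $uid = get_current_user_id();
    $exp = time() + 15 * MINUTE_IN_SECONDS;           // short-lived link
    $sig = hash_hmac('sha256', "$file|$uid|$exp", wp_salt('auth'));
    return add_query_arg(
        ['file' => $file, 'uid' => $uid, 'exp' => $exp, 'sig' => $sig],
        admin_url('admin-post.php?action=backup_download')  // assumed action name
    );
}

// HARDENED: re-derive the signature and fail closed on expiry, bad signature,
// or an issuing user who no longer holds the capability.
function hardened_backup_download(array $q): void {
    $file = basename((string) ($q['file'] ?? ''));
    $uid  = (int) ($q['uid'] ?? 0);
    $exp  = (int) ($q['exp'] ?? 0);
    $sig  = (string) ($q['sig'] ?? '');
    $expected = hash_hmac('sha256', "$file|$uid|$exp", wp_salt('auth'));
    if ($exp < time() || !hash_equals($expected, $sig) || !user_can($uid, 'manage_options')) {
        wp_die('forbidden', '', ['response' => 403]);  // constant-time compare, fail closed
    }
    stream_backup($file);
}
```

Wired to `admin_post_backup_download`, the hardened handler means a subscriber cannot forge a link because they cannot produce the HMAC, and a leaked link stops working after fifteen minutes.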

Infosecurity reports: "High Severity WordPress Plugin Bug Hits Three Million"