A critical vulnerability has been identified in the popular UpdraftPlus: WP Backup & Migration Plugin, potentially impacting over 3 million WordPress websites.
This security flaw allows unauthenticated attackers to exploit a PHP Object Injection vulnerability through deserialization of untrusted input.
The issue affects all versions of the plugin up to and including 1.24.11. A patch has been released in version 1.24.12 to address this significant risk.
.png
)
Vulnerability Details
The vulnerability has been officially documented as CVE-2024-10957, with a CVSS score of 8.8, categorizing it as a high-risk issue.
The vulnerability emerged from the recursive_unserialized_replace function within the plugin’s code. This flaw allows attackers to inject PHP Objects, affecting the security of websites using the plugin.
Investigate Real-World Malicious Links, Malware & Phishing Attacks With ANY.RUN – Try for Free
Importantly, no known Proof of Concept (PoC) chains have been reported in the vulnerable software itself; however, if an additional plugin or theme also contains a vulnerability, the risks could escalate significantly.
According to researcher Webbernaut in the Wordfence report, the exploitation of this vulnerability requires an administrator to perform a search and replace action, which essentially triggers the exploit.
Once executed, it could lead to several severe consequences, including unauthorized file deletions, retrieval of sensitive user data, and even remote code execution. This vulnerability emphasizes the importance of routine updates and vigilance in maintaining WordPress installations.
For website owners using the UpdraftPlus plugin, it is essential to take immediate action to mitigate this vulnerability. The recommended remediation is straightforward: update the plugin to version 1.24.12 or any subsequent patched version.
The ease of updating plugins through the WordPress dashboard can significantly reduce the window of exposure to potential attacks.
Website administrators are urged to review their WordPress installations, including all active plugins, for any potential vulnerabilities. Ensuring that all software components are up-to-date is crucial in maintaining a secure online presence.
As the digital landscape continues to evolve, so do the threats posed by cyber attackers. Staying informed about vulnerabilities like CVE-2024-10957 and acting promptly to apply necessary updates can prevent significant security breaches.
Find this News Interesting! Follow us on Google News, LinkedIn, and X to Get Instant Updates!
