WordPress Plugin Vulnerability
Overview
Over three million WordPress installations were affected by a vulnerability (CVE-2022-0633) in the UpdraftPlus backup plugin. It could be used by any logged-in user to access private backups that should have been restricted to administrators.
Impact
An unprivileged user could download database backups, which include website data, user account information and hashed passwords, as well as sensitive configuration files.
Affected Products
Every UpdraftPlus version between 1.16.7 and 1.22.3.
Containment, Mitigations & Remediations
Update the plugin, and ensure auto-updates are enabled so that future fixes are applied automatically and more quickly.
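As an added example (not part of the original advisory), the following POSIX shell script checks whether an installed UpdraftPlus version falls inside the affected range 1.16.7 to 1.22.3 and, if it does, updates the plugin and turns on auto-updates. It assumes WP-CLI (`wp`) is installed and the script is run from the WordPress root; the `vercmp` and `is_affected` helpers are my own.

```shell
#!/bin/sh
# Added example, not from the advisory or the UpdraftPlus project.

# vercmp A B: compare two dotted numeric versions, printing -1, 0 or 1.
# Missing components count as 0, so "1.22" compares as "1.22.0".
# Only numeric components are handled (no "-beta" style suffixes).
vercmp() {
    a="$1"; b="$2"
    while [ -n "$a" ] || [ -n "$b" ]; do
        ai="${a%%.*}"; bi="${b%%.*}"
        [ "$a" = "$ai" ] && a='' || a="${a#*.}"
        [ "$b" = "$bi" ] && b='' || b="${b#*.}"
        ai="${ai:-0}"; bi="${bi:-0}"
        if [ "$ai" -lt "$bi" ]; then printf '%s\n' -1; return 0; fi
        if [ "$ai" -gt "$bi" ]; then printf '%s\n' 1; return 0; fi
    done
    printf '%s\n' 0
}

# is_affected VERSION: true (exit 0) when 1.16.7 <= VERSION <= 1.22.3,
# the affected range stated in the advisory.
is_affected() {
    [ "$(vercmp "$1" 1.16.7)" -ge 0 ] && [ "$(vercmp "$1" 1.22.3)" -le 0 ]
}

# Remediation via WP-CLI; skipped when `wp` is not available (e.g. in tests).
if command -v wp >/dev/null 2>&1; then
    ver="$(wp plugin get updraftplus --field=version)"
    if is_affected "$ver"; then
        echo "UpdraftPlus $ver is in the affected range; updating"
        wp plugin update updraftplus
        wp plugin auto-updates enable updraftplus
    else
        echo "UpdraftPlus $ver is outside the affected range"
    fi
fi
```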
Threat Landscape
There is no evidence of exploitation in the wild.
The vulnerability could be used to gain read access to the database, but not to make changes, so it is not immediately useful for ransomware attacks. Access to the stored passwords could enable further access, but because they were stored in hashed form this would require additional effort.
Mitre Methodologies
T1212 – Exploitation for Credential Access