Millions of WordPress site backups at risk due to a vulnerability in UpdraftPlus plugin

THREAT LEVEL: Amber.

UpdraftPlus is a backup tool for WordPress files, databases, plug-ins, and themes that allows you to create, restore, and migrate backups. According to its website, UpdraftPlus is used on more than three million WordPress sites, including those of P&G, the NBA, Microsoft and NASA. An access control bypass vulnerability has been identified that allows users with as little as subscriber-level capabilities to access any backup created by UpdraftPlus.

An attacker can leverage this flaw to obtain access to privileged information stored in the database of the vulnerable site (e.g., usernames and hashed passwords).

This vulnerability has been fixed in UpdraftPlus Free version 1.22.3 and Premium version 2.22.3.
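A defender-side check for this advisory, added here as an example and not code from the advisory or from UpdraftPlus: it reads the standard WordPress plugin header of updraftplus.php and compares the Version: field against the fixed releases named above. It assumes Free releases carry 1.x version numbers and Premium releases 2.x, so the major number selects which fixed version applies; the file path and sample headers are constructed.

```python
"""Flag an installed UpdraftPlus copy that predates the fixed releases."""
import re
from pathlib import Path

# Fixed versions from the advisory, keyed by major number.
# Assumption: Free = 1.x, Premium = 2.x (not stated by the advisory itself).
FIXED_VERSIONS = {1: (1, 22, 3), 2: (2, 22, 3)}


def parse_version(text):
    """Return the 'Version:' header of a WordPress plugin file as an int tuple."""
    m = re.search(r"^\s*\*?\s*Version:\s*([0-9][0-9.]*)", text, re.MULTILINE)
    if not m:
        raise ValueError("no Version: header found")
    return tuple(int(part) for part in m.group(1).strip(".").split("."))


def is_vulnerable(version):
    """True when the version is below the fixed release of its product line.

    Tuple comparison is numeric per component, so 1.22.10 is correctly
    treated as newer than 1.22.3 (a plain string compare would get this wrong).
    """
    fixed = FIXED_VERSIONS.get(version[0])
    if fixed is None:
        raise ValueError(f"unknown product line for version {version}")
    return version < fixed


def check_plugin_file(path):
    """Read a plugin main file (e.g. wp-content/plugins/updraftplus/updraftplus.php)."""
    return is_vulnerable(parse_version(Path(path).read_text(errors="replace")))


# Constructed sample headers standing in for real plugin files.
SAMPLE_FREE_OLD = "<?php\n/*\nPlugin Name: UpdraftPlus - Backup/Restore\nVersion: 1.22.2\n*/\n"
SAMPLE_PREMIUM_FIXED = "<?php\n/*\nPlugin Name: UpdraftPlus - Backup/Restore\nVersion: 2.22.3\n*/\n"

if __name__ == "__main__":
    for label, header in (("free 1.22.2", SAMPLE_FREE_OLD),
                          ("premium 2.22.3", SAMPLE_PREMIUM_FIXED)):
        state = "VULNERABLE" if is_vulnerable(parse_version(header)) else "fixed"
        print(f"{label}: {state}")
```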

Potential MITRE ATT&CK TTPs are:

TA0001: Initial Access

T1190: Exploit Public-Facing Application

TA0004: Privilege Escalation

T1068: Exploitation for Privilege Escalation

Vulnerability Detail

(The vulnerability detail table was published as an image in the original advisory and is not reproduced here.)

Patch Link

https://downloads.wordpress.org/plugin/updraftplus.1.22.4.zip

https://updraftplus.com/wp-content/uploads/updraftplus.zip

References

https://wpscan.com/vulnerability/d257c28f-3c7e-422b-a5c2-e618ed3c0bf3

https://jetpack.com/2022/02/17/severe-vulnerability-fixed-in-updraftplus-1-22-3/