Zero-day Vulnerability in the WordPress BackupBuddy Plugin

Threat Advisories

Zero-day Vulnerability in the WordPress BackupBuddy Plugin

Threat Level
Vulnerability Report

For a detailed threat advisory, download the pdf file here

Summary

A zero-day vulnerability in the BackupBuddy WordPress plugin is being actively exploited. There are an estimated 140,000 active installations of the plugin, and the arbitrary file download/read vulnerability is identified under CVE-2022-31474.

Sign up to receive our Weekly Threat Digest