Zero-day Vulnerability in the WordPress BackupBuddy Plugin

Threat Advisories

Zero-day Vulnerability in the WordPress BackupBuddy Plugin

September 14, 2022
Threat Level
Red
Vulnerability Report

For a detailed threat advisory, download the pdf file here

Summary

A zero-day vulnerability in the BackupBuddy WordPress plugin is being actively exploited. There are an estimated 140,000 active installations of the plugin, and the arbitrary file download/read vulnerability is identified under CVE-2022-31474.

Recent Posts

Join Our Newsletter 14,000+ subscribers and growing! Get top cybersecurity news delivered directly to your inbox.
Sign Up to Receive Our Weekly Threat Digest