{"id":178182,"date":"2023-12-12T15:23:14","date_gmt":"2023-12-12T21:23:14","guid":{"rendered":"https:\/\/lifeboat.com\/blog\/2023\/12\/50k-wordpress-sites-exposed-to-rce-attacks-by-critical-bug-in-backup-plugin"},"modified":"2023-12-12T15:23:14","modified_gmt":"2023-12-12T21:23:14","slug":"50k-wordpress-sites-exposed-to-rce-attacks-by-critical-bug-in-backup-plugin","status":"publish","type":"post","link":"https:\/\/lifeboat.com\/blog\/2023\/12\/50k-wordpress-sites-exposed-to-rce-attacks-by-critical-bug-in-backup-plugin","title":{"rendered":"50K WordPress sites exposed to RCE attacks by critical bug in backup plugin"},"content":{"rendered":"<p><a class=\"aligncenter blog-photo\" href=\"https:\/\/lifeboat.com\/blog.images\/50k-wordpress-sites-exposed-to-rce-attacks-by-critical-bug-in-backup-plugin2.jpg\"><\/a><\/p>\n<p>A critical severity vulnerability in a WordPress plugin with more than 90,000 installs can let attackers gain remote code execution to fully compromise vulnerable websites.<\/p>\n<p>Known as <a href=\"https:\/\/wordpress.org\/plugins\/backup-backup\/\" target=\"_blank\" rel=\"nofollow noopener\">Backup Migration<\/a>, the plugin helps admins automate site backups to local storage or a Google Drive account.<\/p>\n<p>The security bug (tracked as <a href=\"https:\/\/www.cve.org\/CVERecord?id=CVE-2023-6553\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2023-6553<\/a> and rated with a <a href=\"https:\/\/www.first.org\/cvss\/calculator\/3.1#CVSS:3.1\/AV: N\/AC: L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H\" target=\"_blank\" rel=\"nofollow noopener\">9.8\/10 severity score<\/a>) was discovered by a team of bug hunters known as <a href=\"https:\/\/www.wordfence.com\/threat-intel\/vulnerabilities\/wordpress-plugins\/backup-backup\/backup-migration-137-unauthenticated-remote-code-execution\" target=\"_blank\" rel=\"nofollow noopener\">Nex Team<\/a>, who reported it to WordPress security firm Wordfence under a recently launched bug bounty 
program.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>A critical severity vulnerability in a WordPress plugin with more than 90,000 installs can let attackers gain remote code execution to fully compromise vulnerable websites. Known as Backup Migration, the plugin helps admins automate site backups to local storage or a Google Drive account. The security bug (tracked as CVE-2023-6553 and rated with a 9.8\/10 [\u2026]<\/p>\n","protected":false},"author":662,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[34,6],"tags":[],"class_list":["post-178182","post","type-post","status-publish","format-standard","hentry","category-cybercrime-malcode","category-robotics-ai"],"_links":{"self":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/178182","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/users\/662"}],"replies":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/comments?post=178182"}],"version-history":[{"count":0,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/178182\/revisions"}],"wp:attachment":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/media?parent=178182"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/categories?post=178182"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/tags?post=178182"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}