CVE-2023-6553

high-risk

Published 2023-12-15

The Backup Migration plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.3.7 via the /includes/backup-heart.php file. This is due to an attacker being able to control the values passed to an include, and subsequently leverage that to achieve remote code execution. This makes it possible for unauthenticated attackers to easily execute code on the server.

Do I need to act?

93.3% chance of exploitation in next 30 days

EPSS score — higher than 7% of all CVEs

Not on CISA KEV list

No confirmed active exploitation reported to CISA

1 public exploit available

52486

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 9.8/10 Critical

NETWORK / LOW complexity

Affected Products (1)

Backup Migration

Affected Vendors

Backupbliss

References (15)

Patch https://plugins.trac.wordpress.org/browser/backup-backup/tags/1.3.7/includes/bac...

Patch https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old...

Not Applicable https://www.synacktiv.com/en/publications/php-filters-chain-what-is-it-and-how-t...

Third Party Advisory https://www.wordfence.com/threat-intel/vulnerabilities/id/3511ba64-56a3-43d7-8ab...

http://packetstormsecurity.com/files/176638/WordPress-Backup-Migration-1.3.7-Rem...

Patch https://plugins.trac.wordpress.org/browser/backup-backup/tags/1.3.7/includes/bac...

Patch https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old...

Not Applicable https://www.synacktiv.com/en/publications/php-filters-chain-what-is-it-and-how-t...

Third Party Advisory https://www.wordfence.com/threat-intel/vulnerabilities/id/3511ba64-56a3-43d7-8ab...

/ 100

high-risk

Severity 32/34 · Critical

Exploitability 20/34 · Moderate

Exposure 5/34 · Minimal