Vulnerability Details CVE-2023-7002
The Backup Migration plugin for WordPress is vulnerable to OS Command Injection in all versions up to, and including, 1.3.9 via the 'url' parameter. This vulnerability allows authenticated attackers, with administrator-level permissions and above, to execute arbitrary commands on the host operating system.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.232
EPSS Ranking 95.6%
CVSS Severity
CVSS v3 Score 7.2
References
- https://plugins.trac.wordpress.org/browser/backup-backup/tags/1.3.9/includes/ajax.php#L1503
- https://plugins.trac.wordpress.org/browser/backup-backup/tags/1.3.9/includes/ajax.php#L1518
- https://plugins.trac.wordpress.org/browser/backup-backup/tags/1.3.9/includes/ajax.php#L88
- https://plugins.trac.wordpress.org/changeset/3012745/backup-backup
- https://www.linuxquestions.org/questions/linux-security-4/php-function-exec-enabled-how-big-issue-4175508082/
- https://www.wordfence.com/threat-intel/vulnerabilities/id/cc49db10-988d-42bd-a9cf-9a86f4c79568?source=cve
- https://plugins.trac.wordpress.org/browser/backup-backup/tags/1.3.9/includes/ajax.php#L1503
- https://plugins.trac.wordpress.org/browser/backup-backup/tags/1.3.9/includes/ajax.php#L1518
- https://plugins.trac.wordpress.org/browser/backup-backup/tags/1.3.9/includes/ajax.php#L88
- https://plugins.trac.wordpress.org/changeset/3012745/backup-backup
- https://www.linuxquestions.org/questions/linux-security-4/php-function-exec-enabled-how-big-issue-4175508082/
- https://www.wordfence.com/threat-intel/vulnerabilities/id/cc49db10-988d-42bd-a9cf-9a86f4c79568?source=cve
Products affected by CVE-2023-7002
-
cpe:2.3:a:backupbliss:backup_migration:-
-
cpe:2.3:a:backupbliss:backup_migration:1.0.0
-
cpe:2.3:a:backupbliss:backup_migration:1.0.1
-
cpe:2.3:a:backupbliss:backup_migration:1.0.2
-
cpe:2.3:a:backupbliss:backup_migration:1.0.3
-
cpe:2.3:a:backupbliss:backup_migration:1.0.4
-
cpe:2.3:a:backupbliss:backup_migration:1.0.5
-
cpe:2.3:a:backupbliss:backup_migration:1.0.6
-
cpe:2.3:a:backupbliss:backup_migration:1.0.7
-
cpe:2.3:a:backupbliss:backup_migration:1.0.8
-
cpe:2.3:a:backupbliss:backup_migration:1.0.9
-
cpe:2.3:a:backupbliss:backup_migration:1.1.0
-
cpe:2.3:a:backupbliss:backup_migration:1.1.1
-
cpe:2.3:a:backupbliss:backup_migration:1.1.2
-
cpe:2.3:a:backupbliss:backup_migration:1.1.3
-
cpe:2.3:a:backupbliss:backup_migration:1.1.4
-
cpe:2.3:a:backupbliss:backup_migration:1.1.5
-
cpe:2.3:a:backupbliss:backup_migration:1.1.6
-
cpe:2.3:a:backupbliss:backup_migration:1.1.7
-
cpe:2.3:a:backupbliss:backup_migration:1.1.8
-
cpe:2.3:a:backupbliss:backup_migration:1.1.9
-
cpe:2.3:a:backupbliss:backup_migration:1.2.0
-
cpe:2.3:a:backupbliss:backup_migration:1.2.1
-
cpe:2.3:a:backupbliss:backup_migration:1.2.2
-
cpe:2.3:a:backupbliss:backup_migration:1.2.3
-
cpe:2.3:a:backupbliss:backup_migration:1.2.4
-
cpe:2.3:a:backupbliss:backup_migration:1.2.5
-
cpe:2.3:a:backupbliss:backup_migration:1.2.6
-
cpe:2.3:a:backupbliss:backup_migration:1.2.7
-
cpe:2.3:a:backupbliss:backup_migration:1.2.8
-
cpe:2.3:a:backupbliss:backup_migration:1.2.9
-
cpe:2.3:a:backupbliss:backup_migration:1.3.0
-
cpe:2.3:a:backupbliss:backup_migration:1.3.1
-
cpe:2.3:a:backupbliss:backup_migration:1.3.2
-
cpe:2.3:a:backupbliss:backup_migration:1.3.3
-
cpe:2.3:a:backupbliss:backup_migration:1.3.4
-
cpe:2.3:a:backupbliss:backup_migration:1.3.5
-
cpe:2.3:a:backupbliss:backup_migration:1.3.6
-
cpe:2.3:a:backupbliss:backup_migration:1.3.7
-
cpe:2.3:a:backupbliss:backup_migration:1.3.8
-
cpe:2.3:a:backupbliss:backup_migration:1.3.9