OS Command Injection in WP-Database-Backup

On May 28th, a critical OS Command Injection vulnerability affecting the WP-Database-Backup plugin was disclosed to the public by the Wordfence team. This is a very nasty bug which made it possible for a bad actor to get full control of affected websites — with over 70,000 reported active installs.

Are you Affected?

This vulnerability was patched with version 5.2, which was released on April 30th. If any of your websites use an older version, it is vulnerable.

Continue reading OS Command Injection in WP-Database-Backup at Sucuri Blog.

Story added 4. June 2019, content source with full text you can find at link above.

Comments are closed.

More antivirus and malware news?

Output Messenger Zero-Day Exploited by Turkish Hackers for Iraq Spying
Worm ‘TheMoon’ infects Linksys routers
Cisco Removes Default Password From Video Surveillance Manager
Don’t Sweat Your Security: How to Safely Incorporate IoT Into Your Fitness Routine
Merkel puts NSA spying on EU leaders’ agenda
Enterprises Warned of New PetitPotam Attack Exposing Windows Domains
Lookout Partners With Deutsche Telekom
Cyber Asset Management Startup JupiterOne Raises $30 Million
Bitstamp loses $5 million in BTC after security breach, suspends service
Netflix deadlocked with broadcast regulator over “confidential” subscriber data

OS Command Injection in WP-Database-Backup

More antivirus and malware news?

Ads

Security news

Malware

Security

IT security

About site

Search Terms Tips

Recent New Tips

Recent Posts