9.8
CVE-2023-6971
- EPSS 9.06%
- Veröffentlicht 23.12.2023 02:15:45
- Zuletzt bearbeitet 21.11.2024 08:44:57
- Quelle security@wordfence.com
- CVE-Watchlists
- Unerledigt
LoginBackup Migration 1.0.8 - 1.3.9 - Remote File Inclusion via content-dir
The Backup Migration plugin for WordPress is vulnerable to Remote File Inclusion in versions 1.0.8 to 1.3.9 via the 'content-dir' HTTP header. This makes it possible for unauthenticated attackers to include remote files on the server, resulting in code execution. NOTE: Successful exploitation of this vulnerability requires that the target server's php.ini is configured with 'allow_url_include' set to 'on'. This feature is deprecated as of PHP 7.4 and is disabled by default, but can still be explicitly enabled in later versions of PHP.
Mögliche Gegenmaßnahme
Backup Migration: Update to version 1.4.0, or a newer patched version
Weitere Schwachstelleninformationen
SystemWordPress Plugin
≫
Produkt
Backup Migration
Version
1.0.8-1.3.9
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Backupbliss ≫ Backup Migration SwPlatformwordpress Version >= 1.0.8 < 1.4.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 9.06% | 0.923 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| security@wordfence.com | 8.1 | 2.2 | 5.9 |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
|
CWE-829 Inclusion of Functionality from Untrusted Control Sphere
The product imports, requires, or includes executable functionality (such as a library) from a source that is outside of the intended control sphere.