WordPress BackWPup Plugin 'wpabs' Parameter Remote PHP Code Execution Vulnerability

Summary
This host has the WordPress BackWPup plugin installed and is prone to a remote PHP code execution vulnerability.
Impact
Successful exploitation will allow remote attackers to execute malicious PHP code in the context of an affected site.
Impact Level: Application/System
Solution
Upgrade the BackWPup WordPress plugin to version 1.7.1 or later. For updates, refer to http://wordpress.org/extend/plugins/backwpup/
NOTE: The exploit works properly when register_globals=On, allow_url_include=On and magic_quotes_gpc=Off.
Insight
The flaw is caused by improper validation of user-supplied input to the 'wpabs' parameter in 'wp-content/plugins/backwpup/app/wp_xml_export.php', which allows attackers to execute arbitrary PHP code in the context of an affected site.
Affected
BackWPup WordPress plugin version 1.6.1. Other versions may also be affected.