Description
WordPress Plugin BackupBuddy is prone to multiple vulnerabilities, including PHP object injection and cross-site request forgery vulnerabilities. A successful exploit may allow an attacker to execute arbitrary PHP code within the context of the affected webserver process or to perform certain administrative actions; other attacks are also possible. WordPress Plugin BackupBuddy version 8.0.1.8 is vulnerable; prior versions may also be affected.
Remediation
Disable the plugin until a fix is available
References
Related Vulnerabilities
Jenkins Incorrect Authorization Vulnerability (CVE-2023-27899)
SharePoint CVE-2023-33159 Vulnerability (CVE-2023-33159)
WordPress Plugin ToolBar to Share Cross-Site Request Forgery (2.0)
WordPress Plugin WP Easy Gallery Cross-Site Scripting (4.1)
Elgg Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-6563)