Thursday, Sep 28, 2023
English News
  • Hyderabad
  • Telangana
  • AP News
  • India
  • World
  • Entertainment
  • Science and Tech
  • Sport
  • Business
  • Rewind
  • ...
    • NRI
    • View Point
    • cartoon
    • Columns
    • Education Today
    • Reviews
    • Property
    • Videos
    • Lifestyle
E-Paper
  • NRI
  • View Point
  • cartoon
  • Columns
  • Reviews
  • Education Today
  • Property
  • Videos
  • Lifestyle
Home | News | Serious Bug In Wordpress Plugin With Over 3 Mn Installations Found

Serious bug in WordPress plugin with over 3 mn installations found

New Delhi: A serious vulnerability has been found in WordPress plugin with over 3 million installations, that may have allowed logged-in users, including subscriber-level users, to download backups made with the plugin. Backups are a treasure trove of sensitive information. UpdraftPlus, a WordPress plugin with over 3 million installations, updated with a security fix on Thursday […]

By IANS
Published Date - 12:10 PM, Fri - 18 February 22
Serious bug in WordPress plugin with over 3 mn installations found
whatsapp facebook twitter telegram

New Delhi: A serious vulnerability has been found in WordPress plugin with over 3 million installations, that may have allowed logged-in users, including subscriber-level users, to download backups made with the plugin.

Backups are a treasure trove of sensitive information.

UpdraftPlus, a WordPress plugin with over 3 million installations, updated with a security fix on Thursday for a vulnerability discovered by security researcher Marc Montpas.

“UpdraftPlus is a popular back-up plugin for WordPress sites and as such it is expected that the plugin would allow you to download your backups,” said the Wordfence Threat Intelligence team.

One of the features that the plugin implemented was the ability to send back-up download links to an email of the site owner’s choice.

“Unfortunately, this functionality was insecurely implemented making it possible for low-level authenticated users like subscribers to craft a valid link that would allow them to download backup files,” Wordfence explained in a blog post.

Successfully exploiting this vulnerability would take an attacker with an active account on the target system.

“We urge all users running the UpdraftPlus plugin to update to the latest version of the plugin as soon as possible, if you have not already done so, since the consequences of a successful exploit would be severe,” Wordfence said.

“This vulnerability was patched in version 1.22.3 of UpdraftPlus, and as such we strongly encourage you to verify that your site is running the most up to date version of the plugin and updating immediately if it is not”.


Now you can get handpicked stories from Telangana Today on Telegram everyday. Click the link to subscribe.

Click to follow Telangana Today Facebook page and Twitter .


Telangana Today Whatsapp
  • Follow Us :
  • Tags
  • installations
  • UpdraftPlus
  • WordPress

Related News

  • WordPress now selling 100-year domains for your lifetime

    WordPress now selling 100-year domains for your lifetime

  • Critical plugin bug puts over 2 lakh WordPress websites at risk of hacking

    Critical plugin bug puts over 2 lakh WordPress websites at risk of hacking

  • Google introduces cool features in Web Stories for WordPress

    Google introduces cool features in Web Stories for WordPress

  • Ather offers free of cost EV charging in Hyderabad

    Ather offers free of cost EV charging in Hyderabad

Latest News

  • KL deemed to be university successfully launches its first satellite KLSAT

    9 seconds ago
  • Watch: Hyderabad cops groove to the beats at Ganesh Visarjan celebrations

    1 min ago
  • Net claims of non-residents on India rise to USD 379.7 billion in June quarter: RBI

    3 mins ago
  • AU plans to set up medical college

    6 mins ago
  • Sebi renews licences of NSE Clearing, Indian Clearing Corp for three years

    7 mins ago
  • CM Sukhu invites Himachali diaspora in UAE to invest in state’s green sector

    10 mins ago
  • Vizag-Sec’bad special train extended

    11 mins ago
  • Shakib maps out his retirement plan

    18 mins ago

company

  • Home
  • About Us
  • Contact Us

business

  • Subscribe

telangana today

  • Telangana
  • Hyderabad
  • Latest News
  • Entertainment
  • World
  • Andhra Pradesh
  • Science & Tech
  • Sport

follow us

© Copyrights 2022 TELANGANA PUBLICATIONS PVT. LTD. All rights reserved. Powered by Veegam