Thursday, Jun 30, 2022
English News
  • Hyderabad
  • Telangana
  • Andhra Pradesh
  • India
  • World
  • Entertainment
  • Science and Tech
  • Sport
  • Business
  • ...
    • NRI
    • View Point
    • cartoon
    • Columns
    • Reviews
    • Education Today
    • Property
    • Videos
    • Lifestyle
E-Paper
  • NRI
  • View Point
  • cartoon
  • Columns
  • Reviews
  • Education Today
  • Property
  • Videos
  • Lifestyle
Home | Tech | Serious Bug In Wordpress Plugin With Over 3 Mn Installations Found
Ads

Serious bug in WordPress plugin with over 3 mn installations found

By IANS
Published: Published Date - 12:10 PM, Fri - 18 February 22

New Delhi: A serious vulnerability has been found in WordPress plugin with over 3 million installations, that may have allowed logged-in users, including subscriber-level users, to download backups made with the plugin.

Backups are a treasure trove of sensitive information.

UpdraftPlus, a WordPress plugin with over 3 million installations, updated with a security fix on Thursday for a vulnerability discovered by security researcher Marc Montpas.

“UpdraftPlus is a popular back-up plugin for WordPress sites and as such it is expected that the plugin would allow you to download your backups,” said the Wordfence Threat Intelligence team.

One of the features that the plugin implemented was the ability to send back-up download links to an email of the site owner’s choice.

“Unfortunately, this functionality was insecurely implemented making it possible for low-level authenticated users like subscribers to craft a valid link that would allow them to download backup files,” Wordfence explained in a blog post.

Successfully exploiting this vulnerability would take an attacker with an active account on the target system.

“We urge all users running the UpdraftPlus plugin to update to the latest version of the plugin as soon as possible, if you have not already done so, since the consequences of a successful exploit would be severe,” Wordfence said.

“This vulnerability was patched in version 1.22.3 of UpdraftPlus, and as such we strongly encourage you to verify that your site is running the most up to date version of the plugin and updating immediately if it is not”.


Now you can get handpicked stories from Telangana Today on Telegram everyday. Click the link to subscribe.

Click to follow Telangana Today Facebook page and Twitter .


  • Follow Us :
  • Tags
  • installations
  • UpdraftPlus
  • WordPress

Related News

  • Google introduces cool features in Web Stories for WordPress

  • Ather offers free of cost EV charging in Hyderabad

Latest News

  • Fear of being scolded over homework; Class 4 student ends life in Hyderabad

    5 mins ago
  • Malaysia Open: Prannoy stuns world No. 4, joins Sindhu in quarters

    11 mins ago
  • Rise in cost of living impacting 71 per cent adults in India: Survey

    12 mins ago
  • Gear up for recruitment tests with commitment

    25 mins ago
  • Chris, Vijay shine for YMG in John Wesley Basketball Tournament

    25 mins ago
  • Warangal: Task Force seize Rs 8.20 lakh worth Gutka, three arrested

    26 mins ago
  • Hyderabad-based Endiya invests in AquaExchange

    35 mins ago
  • Netflix’s crime drama series ‘She S2’ features in Global Top 10

    44 mins ago

company

  • Home
  • About Us
  • Contact Us

business

  • Subscribe

telangana today

  • Telangana
  • Hyderabad
  • Latest News
  • Entertainment
  • World
  • Andhra Pradesh
  • Science & Tech
  • Sport

follow us

© Copyrights 2022 TELANGANA PUBLICATIONS PVT. LTD. All rights reserved. Powered by Veegam