The Backup Migration plugin for WordPress has a vulnerability that allows attackers to take control of the server. This vulnerability exists in all versions up to version 1.3.7 and is caused by attackers being able to control the values passed to an include file called /includes/backup-heart.php. This could allow unauthenticated attackers to access and execute code on the server.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
© Really Simple Plugins
CoC 70461155
Kalmarweg 14-5
9723 JG, Groningen (NL)
