Vulnerability In WPvivid Backup Plugin Could Expose Files Of WordPress Sites

Researchers found a serious security vulnerability in the WPvivid Backup plugin that threatened numerous WordPress sites. Upon exploitation, the flaw could hand an adversary a complete backup of the target website, exposing all of its files.

WPvivid Backup Plugin Vulnerability

Reportedly, the security team from WebARX found a vulnerability in the WPvivid Backup WordPress plugin. As stated in their advisory, the critical flaw could allow any authenticated user, even one with the lowest role, to change the plugin's default backup location.

The most critical registered wp_ajax action that does not have an authorization check would be wp_ajax_wpvivid_add_remote.
It allows any authenticated user, regardless of their user role, to add a new remote storage location and set it as the default backup location.

This would result in the next backup the plugin produces being written to the new default location set up by the attacker.

This not only causes an unwanted exposure of the website's sensitive data files but may also cause data loss. Because the action was also not protected by a nonce check, an adversary could lure a logged-in site admin into triggering the plugin action on their behalf (a CSRF attack).

Developers Fixed The Bug

Upon finding the vulnerability, the researchers reached out to the developers to inform them of the flaw. Consequently, the team behind this plugin fixed the bug with the release of WPvivid Backup Plugin version 0.9.36.

According to the plugin page, WPvivid Backup presently has more than 40,000 active installations, which means that the missing authorization and CSRF checks discussed above potentially put tens of thousands of websites at risk.

Regarding how the patch works, the researchers stated,

We can see that a call to ajax_check_security has been added in multiple places. This function checks the validity of the nonce token and checks the user role.
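The bug class described above, a wp_ajax_* handler that trusts any logged-in user, beside the kind of check the fix introduced, as an added example. This is not WPvivid's code: the plugin name, option names, action name and the chosen capability (manage_options) are hypothetical, and only WordPress core functions are used.

```php
<?php
/*
 * Added example, not WPvivid's code. A hypothetical plugin "example-backup"
 * showing (1) an AJAX handler with no authorization or nonce check and
 * (2) the hardened equivalent, modelled on an ajax_check_security()-style
 * helper that verifies a nonce (anti-CSRF) and a capability (authorization).
 */

// --- Vulnerable pattern ---------------------------------------------------
// wp_ajax_* hooks fire for ANY authenticated user, subscribers included.
// Nothing below asks who is calling or whether the request was forged.
add_action( 'wp_ajax_example_add_remote_vuln', 'example_add_remote_vuln' );
function example_add_remote_vuln() {
    $remote = array(
        'type' => sanitize_text_field( wp_unslash( $_POST['type'] ?? '' ) ),
        'url'  => esc_url_raw( wp_unslash( $_POST['url'] ?? '' ) ),
    );
    $remotes   = get_option( 'example_backup_remotes', array() );
    $remotes[] = $remote;
    update_option( 'example_backup_remotes', $remotes );
    // The caller-controlled destination becomes the default backup target,
    // so the next backup (site files included) is shipped to the attacker.
    update_option( 'example_backup_default_remote', count( $remotes ) - 1 );
    wp_send_json_success( $remotes );
}

// --- Hardened pattern -----------------------------------------------------
// Hypothetical counterpart of the ajax_check_security() call in the fix.
function example_ajax_check_security( $action ) {
    // check_ajax_referer() with $die = false returns false on a missing or
    // invalid nonce instead of exiting, so we can answer with JSON.
    if ( ! check_ajax_referer( $action, 'nonce', false ) ) {
        wp_send_json_error( 'Invalid or missing nonce.', 403 );
    }
    // Authorization: a nonce proves the request came from our own page, not
    // that the user may change backup settings. Require an admin capability.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( 'Insufficient privileges.', 403 );
    }
}

add_action( 'wp_ajax_example_add_remote', 'example_add_remote' );
function example_add_remote() {
    example_ajax_check_security( 'example_add_remote' );

    $remote = array(
        'type' => sanitize_text_field( wp_unslash( $_POST['type'] ?? '' ) ),
        'url'  => esc_url_raw( wp_unslash( $_POST['url'] ?? '' ) ),
    );
    $remotes   = get_option( 'example_backup_remotes', array() );
    $remotes[] = $remote;
    update_option( 'example_backup_remotes', $remotes );
    update_option( 'example_backup_default_remote', count( $remotes ) - 1 );
    wp_send_json_success( $remotes );
}

// --- Issuing the nonce to the plugin's admin page -------------------------
// The admin JS reads exampleBackup.nonce and posts it as the "nonce" field
// that check_ajax_referer() above looks for.
add_action( 'admin_enqueue_scripts', function ( $hook_suffix ) {
    wp_enqueue_script(
        'example-backup-admin',
        plugins_url( 'admin.js', __FILE__ ),
        array( 'jquery' ),
        '1.0',
        true
    );
    wp_localize_script( 'example-backup-admin', 'exampleBackup', array(
        'ajaxUrl' => admin_url( 'admin-ajax.php' ),
        'nonce'   => wp_create_nonce( 'example_add_remote' ),
    ) );
} );
```

The two checks address different attackers: the nonce defeats the lure-the-admin (CSRF) scenario, while the capability check is what stops a low-privileged account that is already logged in. Either one alone leaves the other hole open, which is why the fix described above does both.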

Since the patch is out, all respective site admins should make sure that they are running version 0.9.36 or later of the plugin.

WPvivid Backup Plugin is a comprehensive solution for backup, restoration, and migration of WordPress sites.
