Vulnerability Bulletins

Critical Vulnerabilities Patched in XCloner Backup and Restore Plugin


System information

   
Affected software Wordpress

Description

On August 14, our Threat Intelligence team discovered several vulnerabilities present in XCloner Backup and Restore, a WordPress plugin installed on over 30,000 sites. This flaw gave authenticated attackers, with subscriber-level or above capabilities, the ability to modify arbitrary files, including PHP files. Doing so would allow an attacker to achieve remote code execution on […]

More info:

https://www.wordfence.com/blog/2020/09/critical-vulnerabilities-patched-in-xcloner-backup-and-restore-plugin/

Standar resources

Property Value
CVE

Version history

Version Comments Date
1.0 Advisory issued 2020-09-24
Ministerio de Defensa
CNI
CCN
CCN-CERT