CVE-2023-6553 – Critical WordPress Plugin Flaw: 90,000 Websites at Risk of Takeover

CVE-2023-6553

Attention, WordPress users: A critical vulnerability in a popular plugin has exposed thousands of websites to a potential takeover. This vulnerability, known as CVE-2023-6553, impacts the Backup Migration plugin used by over 90,000 websites.

What’s the threat?

This critical flaw, discovered by the Nex Team and reported to Wordfence, impacts all versions of Backup Migration up to 1.3.6. It allows unauthenticated attackers to inject PHP code and execute arbitrary commands on the server, essentially giving them complete control of your website.

This is due to an attacker being able to control the values passed to an include, and subsequently leverage that to achieve remote code execution. This makes it possible for unauthenticated threat actors to easily execute code on the server,” Wordfence said.

By submitting a specially-crafted request, threat-actors can leverage this issue to include arbitrary, malicious PHP code and execute arbitrary commands on the underlying server in the security context of the WordPress instance.

What makes this vulnerability so dangerous?

  • Critical severity: Rated 9.8/10, it’s among the most severe vulnerabilities discovered this year.
  • Unauthenticated attack: No user interaction is needed, making it easy for attackers to exploit.
  • Remote code execution: Attackers can gain complete control of your website and execute arbitrary commands.

What should you do?

Immediately:

  • Update the Backup Migration plugin to version 1.3.8 or later to patch the CVE-2023-6553 vulnerability.
  • Back up your website data.
  • Change your WordPress login credentials.

Additional tips:

  • Keep your WordPress core, plugins, and themes updated to the latest versions.
  • Use strong passwords for all your accounts.
  • Regularly scan your website for vulnerabilities.

Don’t wait! Update your plugin today and secure your website from this critical vulnerability. By taking these steps, you can protect your website and prevent attackers from taking control.