Top 5 This Week

Related Posts

Critical WordPress RCE Bug Exposes 50K Sites

Getting your Trinity Audio player ready...

WordPress RCE Vulnerability: 50K Sites at Risk Due to Backup Plugin Flaw

A high-severity WordPress RCE vulnerability has put over 50,000 WordPress sites at risk. This critical bug, found in a widely-used backup plugin, poses a serious threat to website security.

Named Backup Migration, the plugin is a popular choice for automating site backups to local storage or Google Drive. However, the discovery of the WordPress RCE vulnerability, designated CVE-2023-6553 and rated 9.8/10 in severity, has raised alarms across the WordPress community.

The bug was identified by the vigilant Nex Team and reported through Wordfence’s new bug bounty program. Affecting all plugin versions up to 1.3.6, it allows unauthenticated attackers to execute code remotely via PHP code injection. Specifically, the vulnerability lies in the /includes/backup-heart.php file of the Backup Migration plugin.

Cyber Cogeanu Backup Migration WordPress
Backup Migration WordPress

Understanding the Vulnerability

Wordfence’s analysis revealed the critical nature of this WordPress RCE vulnerability. By manipulating the values passed to an include in the /includes/backup-heart.php file, attackers can gain server control. This particularly hazardous as it doesn’t require user interaction for exploitation.

The file attempts to incorporate bypasser.php from the BMI_INCLUDES directory, which can be manipulated through the content-dir HTTP header. This vulnerability’s accessibility makes it imperative for WordPress admins to act swiftly.

Cyber Cogeanu Backup Migration vulnerable code (Wordfence)
Backup Migration vulnerable code (Wordfence)

Immediate Patch and Ongoing Risks

Upon notification, BackupBliss, the team behind Backup Migration, promptly issued a patch. Version 1.3.8, released on the same day as the report (2023.12.11), addresses this flaw. Despite this, a significant number of sites remain unprotected, as indicated by download statistics.

Admins are urged to update their installations to guard against potential WordPress RCE vulnerability exploits. Moreover, a concurrent phishing campaign is targeting WordPress administrators, further emphasizing the need for heightened security awareness.

Last week’s resolution of a Property Oriented Programming (POP) chain vulnerability in WordPress also underscores the ongoing challenges in securing PHP code execution environments, particularly in multisite installations.

Proactive Steps for Security

To safeguard against this and similar vulnerabilities, WordPress site administrators should regularly update plugins, remain vigilant against phishing attempts, and consider engaging with security communities for the latest advisories and support.

Stay informed, Stay secure in the face of evolving cyber threats to your WordPress sites, please subscribe.

Cogeanu Marius
Cogeanu Marius
Marius Cogeanu is a distinguished IT consultant and cybersecurity virtuoso based in Prague, Czechia. With a rich 20-year journey in the IT realm, Marius has carved a niche in network security and technological solutions, adeptly harmonizing tech with business requirements. His experience spans from Kyndryl to IBM, and as a valued independent consultant, where he's renowned for his innovative approaches in enhancing business operations with cutting-edge tech.Marius's forte lies in demystifying complex IT concepts, ensuring clarity and alignment for stakeholders at all levels. His commitment to staying at the forefront of industry trends and seeking innovative solutions cements his status as a go-to expert in cybersecurity. Driven by a fervent passion for technology and its potential to revolutionize businesses, Marius thrives on tackling challenging ventures, applying his prowess in network design, IT service management, and strategic planning.Currently, Marius is focused on leading-edge IT project management, infrastructure design, and fortifying cybersecurity, guiding clients through the intricate digital landscape with unmatched expertise and insight.Discover more on


Please enter your comment!
Please enter your name here

Popular Articles