Critical security flaw in UpdraftPlus plugin for WordPress

A security bug has appear in the UpdraftPlus plugin. The popular website backup solution is currently at risk of nearly 3,000,000 websites.

If you are using this plugin, please update it to the latest possible version immiately.

A vulnerability in a non-updat version of the plugin allows any logg-in user to download a website backup even without proper authorization. Because of this bug, an attacker can even get access to passwords stor in configuration files and take control of the entire website.

The error occurr already in March 2019 and concern plugin versions 1.16.7 to 1.22.2. It was discover by security expert Marc-Alexandre Montpas from Automattic. The bug was given the vulnerability identifier CVE-2022-0633 with an importance score of 8.5.

Keep WordPress safe with CZECHIA

The professional web hosting service singapore phone number data provider CZECHIA.com will set up WordPress web hosting for you on a server with a Linux operating system, support for the latest PHP version, and an automatically pre-install WordPress itorial system.

phone number data

In addition, you will get an SSL certificate from SSLmarket.cz , an automatic update of the WordPress core, regular web hosting backups and the option to return to the previous version. Of course, there is help in setting up the rirection of requests to https and also the basic security

WordPress is a web application that nes to be protect against SQL injection, XSS and other attacks. A WAF can filter out this malicious traffic. The offer today is vari, whether it is cloud or on-premise solutions, even with rules directly for WordPress.

However, with application firewalls

You ne to be careful about false positives, when legitimate requests can be block.

The ZKB aims above all to protect the functionality and availability of basic services, for example to ensure that drinking water is available, electricity is working, means of transport cheap kitchen renovation ideas are running, state authorities, banks, etc. are functioning. The goal of the GDPR is, in particular, to protect the privacy and rights of natural persons from the point of view of protecting the processing of their personal data – so that no one steals, discloses, changes or deletes their by lists personal data. In the approach.

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top