Vulnerability Description
The WordPress Backup and Migrate Plugin – Backup Guard WordPress plugin before 1.6.0 did not ensure that imported files are of the SGBP format and extension, allowing high-privilege users (admin+) to upload arbitrary files, including PHP ones, leading to remote code execution (RCE).
CVSS Score
HIGH (CVSS base score 7.2)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Backup-Guard | Backup Guard | < 1.6.0 |
Related Weaknesses (CWE)
References
- http://packetstormsecurity.com/files/163382/WordPress-Backup-Guard-1.5.8-Shell-U (Exploit, Third Party Advisory, VDB Entry)
- http://packetstormsecurity.com/files/163623/WordPress-Backup-Guard-Authenticated (Exploit, Third Party Advisory, VDB Entry)
- https://wpscan.com/vulnerability/d442acac-4394-45e4-b6bb-adf4a40960fb (Exploit, Third Party Advisory)
FAQ
What is CVE-2021-24155?
CVE-2021-24155 is a vulnerability with a CVSS score of 7.2 (HIGH). The WordPress Backup and Migrate Plugin – Backup Guard WordPress plugin before 1.6.0 did not ensure that imported files are of the SGBP format and extension, allowing high-privilege users (admin+)...
How severe is CVE-2021-24155?
CVE-2021-24155 has been rated HIGH with a CVSS base score of 7.2/10. See the CVSS Score section above for the severity rating.
Is there a patch for CVE-2021-24155?
Check the References section above for vendor advisories and patch information; the description states that the issue is fixed in Backup Guard 1.6.0. Affected products include: Backup-Guard Backup Guard.