WordPress Database Backup Remote Command Execution
Posted by deepcore on July 28, 2019 – 7:37 pm
There is a command injection vulnerability in the WordPress plugin wp-database-backup in versions prior to 5.2. To create a backup, the plugin builds a mysqldump command line and executes it through the system shell. The user can exclude specific tables from the backup by setting the wp_db_exclude_table parameter in a POST request to the wp-database-backup page. The excluded table names are concatenated into the mysqldump command without any sanitization or shell escaping, so shell metacharacters in the value (for example a semicolon or command substitution) are interpreted by the shell rather than treated as part of a table name. Because the exclusion list is stored as a plugin setting, a command injected through wp_db_exclude_table is executed every time a new database backup is created, not only once. Authentication to the WordPress site is required to reach the page and exploit the issue; upgrading to version 5.2 or later removes it.
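To make the failure concrete, here is an added model of the flaw and its fix, written for this post and not taken from the plugin's code. It assumes the plugin passes exclusions with mysqldump's real `--ignore-table=db.table` option, and it substitutes `echo` for `mysqldump` so the commands run without a database. The payload string is constructed for the example.

```python
"""
Model of the wp_db_exclude_table command injection (added illustration, not
the plugin's code). `echo` stands in for mysqldump so the example runs
without MySQL; that the plugin uses --ignore-table is an assumption.
"""
import re
import shlex
import subprocess

DUMP_PROGRAM = "echo"  # stand-in for "mysqldump" (assumption for this example)

# Strict allow-list for table names, chosen for this example. MySQL permits a
# wider identifier set, but every default WordPress table name matches this.
TABLE_NAME_RE = re.compile(r"^[A-Za-z0-9_]+$")


def build_command_vulnerable(db: str, excluded: list[str]) -> str:
    """The vulnerable pattern: untrusted table names concatenated straight
    into one shell string, exactly as the advisory describes."""
    cmd = DUMP_PROGRAM
    for table in excluded:
        cmd += f" --ignore-table={db}.{table}"
    return f"{cmd} {db}"


def run_vulnerable(db: str, excluded: list[str]) -> str:
    """Hands the string to /bin/sh, as PHP's exec()/shell_exec() would."""
    return subprocess.run(build_command_vulnerable(db, excluded),
                          shell=True, capture_output=True, text=True).stdout


def build_command_quoted(db: str, excluded: list[str]) -> str:
    """Partial fix: still a shell string, but every argument is quoted
    (the equivalent of PHP's escapeshellarg), so metacharacters stay literal."""
    parts = [DUMP_PROGRAM]
    for table in excluded:
        parts.append(shlex.quote(f"--ignore-table={db}.{table}"))
    parts.append(shlex.quote(db))
    return " ".join(parts)


def validate_table_names(excluded: list[str]) -> list[str]:
    """Reject anything that is not a plain identifier before it gets near
    a command line. Raises ValueError on the first bad value."""
    bad = [t for t in excluded if not TABLE_NAME_RE.fullmatch(t)]
    if bad:
        raise ValueError(f"invalid table name(s): {bad}")
    return excluded


def build_command_safe(db: str, excluded: list[str]) -> list[str]:
    """Hardened form: validated names, and an argv list so that no shell
    ever parses the values (subprocess execs the program directly)."""
    argv = [DUMP_PROGRAM]
    for table in validate_table_names(excluded):
        argv.append(f"--ignore-table={db}.{table}")
    argv.append(db)
    return argv


def run_safe(db: str, excluded: list[str]) -> str:
    """Executes the argv list without a shell."""
    return subprocess.run(build_command_safe(db, excluded),
                          capture_output=True, text=True).stdout


if __name__ == "__main__":
    # Constructed attacker value for wp_db_exclude_table.
    payload = ["wp_posts; echo INJECTED"]
    print("vulnerable:", repr(run_vulnerable("wp", payload)))
    print("quoted:    ", build_command_quoted("wp", payload))
    try:
        run_safe("wp", payload)
    except ValueError as err:
        print("safe:       rejected:", err)
```

In the vulnerable path the shell splits the string at the semicolon and runs a second command (`echo INJECTED wp`), which is what a real mysqldump invocation would do with an attacker-supplied `id`, `curl`, or reverse-shell one-liner. Quoting alone keeps the value inside a single argument, but the allow-list plus argv form is the version to ship: it never lets a shell see user input at all, and it rejects the bad value loudly instead of storing it for the next scheduled backup.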