Scroll Top

WP Backup Plugin CVE AUG 2023: 51 public risks


WP Backup Plugin CVE AUG 2023

Be informed about the latest WP Backup Plugin CVE AUG 2023, identified and reported publicly. It is a +467% INCREASE compared to previous month, as specifically targeted backup strategies. Consider for your online safety, a WP/Woo DISASTER RECOVERY AUDIT, – OR – switching with a TOP10LIST alternative WP Backup Plugin – OR – Hire professionals for tailored WP Backup.

What is CVE?

TLDR: the details on how to hack a specific software is made public, forcing the vendor to provide a solution (patch or upgrade), that closes that specific vulnerability.

CVE is short for Common Vulnerabilities and Exposures. The Common Vulnerabilities and Exposures (CVE) system provides a reference method for publicly known information-security vulnerabilities and exposures. Read more on Common Vulnerabilities and Exposures, Common Vulnerability Scoring System, Common Weakness Enumeration.

If you are serious about your business, then you need to pay attention because your backup is the most crucial factor when disaster hits your WordPress. The following cases made headlines PUBLICLY just last month in the WP Backup Plugin CVE AUG 2023 category:

Restore everything you need, every time you need it, quickly for your peaceful digital life and your domain! No more: hidden storage costs, paid restore procedures, unavailable or broken archives.

Advanced Custom Fields options import/export Cross-Site Scripting (XSS)
Advanced Database Replacer Cross-Site Scripting (XSS)
AWS S3 for WordPress Plugin – Upcasted Cross-Site Scripting (XSS)
azw woocommerce file uploads Cross-Site Scripting (XSS)
Backup Bolt Cross-Site Scripting (XSS)
Backup Migration Cross-Site Request Forgery (CSRF) on handle_installation function
Backup Migration Missing Authorization (BAC) on handle_installation function
BotMate – Automate or Sync Your Sites With No Code Cross-Site Scripting (XSS)
BuddyDrive Cross-Site Scripting (XSS)
Bulk Attachment Download Cross-Site Scripting (XSS)
Bulk Edit and Create User Profiles – WP Sheet Editor Cross-Site Scripting (XSS)
Clone Cross-Site Request Forgery (CSRF) on handle_installation function
Clone Missing Authorization (BAC) on handle_installation function
Contact Form DB Divi Cross-Site Scripting (XSS)
Database Table Overview and Logs Cross-Site Scripting (XSS)
Date Picker by Input WP – Sync bookings with external Calendars (.ics) Cross-Site Scripting (XSS)
Delete Duplicate Posts Cross-Site Scripting (XSS)
DeMomentSomTres WordPress Export Posts With Images Cross-Site Scripting (XSS)
Duplicate Post Cross-Site Request Forgery (CSRF) on handle_installation function
Duplicate Post Missing Authorization (BAC) on handle_installation function
Duplicate Variations for Woocommerce Cross-Site Scripting (XSS)
eaSYNC Cross-Site Scripting (XSS)
Embed Docs – Elementor Files Addon,Elementor Docs Addon,Embed PDF, Word, PowerPoint and Excel Files in Gutenberg & Elementor Cross-Site Scripting (XSS)
Files Download Delay Cross-Site Scripting (XSS)
Form Vibes – Database Manager for Forms Cross-Site Scripting (XSS)
Import Export WordPress Users Missing Authorization (BAC)to Arbitrary User Password Change
Import Holded for WooCommerce or Easy Digital Downloads Cross-Site Scripting (XSS)
Import Social Statistics Cross-Site Scripting (XSS)
Integrate Google Drive Cross-Site Scripting (XSS)
Integrate Google Drive Unauthenticated Broken Access Control (BAC)
Market Exporter Cross-Site Scripting (XSS)
Migrate WordPress Website & Backups – Prime Mover Cross-Site Scripting (XSS)
Optimize Database after Deleting Revisions Cross-Site Request Forgery (CSRF)
Remove Duplicate Posts Broken Access Control (BAC)
Remove Duplicate Posts Cross-Site Scripting (XSS)
Shared Files Cross-Site Scripting (XSS)
Shortcode IMDB Cross-Site Request Forgery (CSRF)
SQL Reporting Services – SSRS Plugin for WordPress Cross-Site Scripting (XSS)
Sync eCommerce NEO Cross-Site Scripting (XSS)
Sync to Etsy Marketplace from WooCommerce Cross-Site Scripting (XSS)
Table & Contact Form 7 Database – Tablesome – Data Table & Contact Form 7 Database (CFDB7) Plugin Cross-Site Scripting (XSS)
TreePress – Easy Family Trees & Ancestor Profiles Cross-Site Scripting (XSS)
WordPress WooCommerce Sync for Google Sheet Cross-Site Scripting (XSS)
WPAdmin AWS CDN Cross-Site Request Forgery (CSRF)
WP Clone Menu Broken Access Control (BAC)
WP Data Access Cross-Site Scripting (XSS)
WP Database Administrator Unauthenticated SQL Injection (SQLi)
WPEventPartners Demo Import Cross-Site Scripting (XSS)
WPGutenBlog Demo Import Cross-Site Scripting (XSS)
WPHobby Demo Import Cross-Site Scripting (XSS)
WP Smart Export (Free) Cross-Site Scripting (XSS)
WP Backup Plugin CVE (public vulnerabilities) reported in 2023 so far 104

Automated full files + DB copies; stored locally, on premise or in the cloud, with any owl WordPress Backup task. Tailored to your needs at your scheduled intervals, and safely kept as long as you want it.

WP Backup Plugin Vulnerabilities

As a business, you cannot afford to lose your website data even for a single day. A major data loss can happen due to various reasons, including Human Error, Website Hack, Natural Disasters, Server Crash and Failure or Unsuccessful Updates.

Do you have control over when or how backups are taken and where they are stored? Are they trustworthy? Maybe you depend on a non-existent lifeline!

Why Is WordPress BACKUP Crucial?

A reliable backup solution ensures that you, as the WordPress owner, don’t have to conduct backups yourself nor worry about losing any data or tinker with restore procedures. Any backup solution must be comprehensive, meaning that it should take backups of both your website files and your database. This ensures that you have the complete backup package WHEN you need to restore a failed website.

Incremental Backups?

Taking a daily backup of your entire website data can use a lot of resources from your web server by eating up pricey resources and bandwidth. Also, backups are a very server-intensive process, recurrent backups can impact your server performance and the storage space available for keeping backups.

Scheduled or On-demand Backups?

Both! Always both! A scheduled backup is an automated backup process, without any human intervention. Scheduled at fixed intervals (daily, weekly, or monthly) depending on your recovery plan. Manual backup is a long and time-consuming process. Yet, it is highly justified, when major changes are implemented or not so trustworthy persons handle your WordPress.

What is Vulnerability Knowledge?

As time passes, vulnerabilities are discovered in your plugins, theme and the version of WordPress core you are using. Those vulnerabilities (or Security holes) ALWAYS become public knowledge sooner rather, than later.

Your business niche demands competitiveness! Your business niche demands stability! Your competition targets your website almost constantly!

Not sure that our backup & recovery strategy is worthy of long-term consideration? Contact us about WP Backup Plugin CVE AUG 2023! Decide after you compare RISK + IMPACT versus COST.

Related Posts