WPvivid Backup < 0.9.36 - Missing Authorization Leading To Database Leak
There is a missing authorization check in the WPvivid Backup plugin that can lead to the exposure of the database and all files of the WordPress site. wp_ajax_wpvivid_add_remote does not check if the current user has the proper permission to execute the action to add a new remote backup location, nor does it (and many other AJAX actions in the plugin) contain a nonce check which causes a CSRF issue. It allows any authenticated user, regardless of their user role, to add a new remote storage location and set it as the default backup location. This means that the next time the backup runs, it will use this backup location and upload the backup to this location.
fixed in version 0.9.36
|Publicly Published||2020-03-23 (11 days ago)|
|Added||2020-03-23 (10 days ago)|
|Last Updated||2020-03-24 (10 days ago)|
Our Other Services
|Online WordPress Vulnerability Scanner||WPScan WordPress Security Plugin|