Another month, another set of CVEs to address. In the past few weeks, one in particular grabbed our attention – CVE-2022-0633, targeting WordPress. This vulnerability can pose significant issues to the affected organizations, and should be fixed as soon as possible, if it hasn’t been already.
Here’s everything you need to know.
What is the CVE-2022-0633 vulnerability?
Discovered on Feb 14, this high severity CVE was found in the UpdraftPlus WordPress plugin. Attackers can exploit the vulnerability to download WordPress backup files, and potentially gain control of the targeted website. UpdraftPlus is a hugely popular backup service, offering full backup of WordPress to Google Drive, Dropbox, OneDrive, and other popular cloud storage solutions. This vulnerability allows any logged-in user with a simple subscriber level to download those backup files created by the UpdraftPlus plugin.
The attacker can then gain access to all configuration files, themes, media files, and everything else that is backed up. If they are able to find credentials stored in the backup files, they will gain full control of the website.
Does it affect me?
If you’re using the UpdraftPlus plugin, then it’s very possible. This flaw puts more than 3 million websites at risk of stolen website backup files.
Has it been actively exploited in the wild?
Not that we know of. WordPress hasn’t waited to find out though, moving fast to patch the vulnerability. See below.
Fixing CVE-2022-0633
To mitigate the threat, WordPress has been forcibly upgrading installations to version 1.22.3. In the meantime, we recommend creating a firewall rule to mitigate this vulnerability until the patch is applied.
As always, dealing with vulnerabilities requires staying ahead of trends and emerging threats, and taking fast action when the time is right.
For the latest vulnerability information, fixes and actions, check out the Vulcan Remedy Cloud – the free, comprehensive resource for everything you need to know about how to fix the latest CVEs.
The Vulcan Cyber platform is a valuable partner in mitigating the continuing threat of vulnerabilities. See it in action.
