![]() Given the size of the install base, it will take a while until the patch disseminates to all users, which means this attack will continue for some time. ![]() Some top features of BackupBuddy include: Backs up your entire WordPress installation. Among the files that attackers try to download are /wp-config.php and /etc/passwd, which could give them even more sensitive information.įortunately, the vulnerability received a patch, and users of the BackupBuddy plugin are advised to upgrade their installation to version 8.7.5 as soon as possible. You can even schedule automated backups at intervals you customize. Overall, iThemes Backup Buddy is a complete WordPress solution for backup, migration, and restoration. BackupBuddy is one of the most popular WordPress backup plugins. It just takes a single click to restore the locally stored backups. However, they registered over 4.9 million exploit attempts targeting this vulnerability since Aug 26, 2022. It allows storing your backup on the cloud or downloading it to your computer. Once Backup Buddy completes your backup, you get a downloadable zip file of your entire WordPress website. Backup all WordPress files, all files in the WordPress Media library, your WordPress themes and WordPress plugins, and more. The problem with this vulnerability is that it’s being exploited in the wild, so researchers haven’t said much about it. Backup Buddy’s backup includes everything needed to run your WordPress website. Due to the fact that this is an actively exploited vulnerability, we strongly encourage you to ensure your site has been updated to the latest patched version 8.7.5 which iThemes has made available,” the researchers added. “The vulnerability affects versions 8.5.8.0 to 8.7.4.1, and has been fully patched as of Septemin version 8.7.5. It is now available on for just 12. BuddyX will provide a clean and playful layout to badges. GamiPress integrations allow you to assign badges, points, or any digital rewords based on activity and levels. ![]() GamiPress is the best solution to integrate with BuddyPress, WooCommerce, and LearnDash. “After reviewing historical data, we determined that attackers started targeting this vulnerability on August 26, 2022, and that we have blocked 4,948,926 attacks targeting this vulnerability since that time,” said the security researchers from Wordfence. iThemes has released a new version of Backup Buddy, the 1 WordPress backup plugin. BuddyX provides dedicated support to WordPress Gamification plugin GamiPress and its addon. In other situations, criminals use zero-day vulnerabilities, and no patches are available yet. Since web admins often neglect to install the latest versions of the various software and plugins running websites, the ground for cyberattacks is fertile.īut that’s assuming the developers know about vulnerabilities and have already released patches. The exploit allowed attackers to download files from the affected websites.Ĭriminals often target WordPress plugins so they can compromise websites with vulnerable components. Security researchers have discovered a new zero-day vulnerability affecting BackupBuddy, a WordPress plugin with more than 140,000 installs. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |