EDB-ID-47187: WordPress Database Backup (5.2 and lower) Command Injection Vulnerability And Remote Code Execution (Metasploit)

About EDB-ID-47187: WordPress Database Backup Command Injection Vulnerability (version 5.2 and lower)
- EDB-ID: 47187
- Author: Metasploit
- Type: Remote
- Platform: PHP
- Published: 2019-07-29
EDB-ID-47187 Description
There exists a command injection vulnerability in the WordPress plugin wp-database-backup
for versions < 5.2.
For the backup functionality, the plugin generates a mysqldump command to execute.
The user can choose specific tables to exclude from the backup by setting the wp_db_exclude_table
parameter in a POST request to the wp-database-backup page.
The names of the excluded tables are included in the mysqldump command unsanitized.
Arbitrary commands injected through the wp_db_exclude_table
parameter are executed each time the functionality for creating a new database backup is run.
Authentication is required to successfully exploit this vulnerability.
You can read more about this vulnerability here: OS Command Injection Vulnerability Patched In WP Database Backup Plugin
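The weakness described above, as an added PHP illustration that is not the plugin's own code and not the Metasploit module: one function concatenates request-supplied table names straight into a mysqldump command line (the unsafe pattern), the other validates each name as a MySQL identifier, checks it against the tables the database actually has, and shell-escapes every argument. The function names, the database name and the sample table names are assumptions constructed for this example.

```php
<?php
// Added illustration (not the wp-database-backup plugin's code): how a
// mysqldump command built from user-supplied "exclude table" names becomes
// injectable, and one way to harden it. All names below are assumptions.

// Pattern matching the weakness described above: user input is concatenated
// straight into the shell command line.
function build_dump_command_unsafe(string $db, array $exclude): string
{
    $cmd = 'mysqldump ' . $db;
    foreach ($exclude as $table) {
        // $table comes from the request unchanged, so shell metacharacters
        // (";", "|", "&", "$(...)", backticks) reach /bin/sh intact.
        $cmd .= ' --ignore-table=' . $db . '.' . $table;
    }
    return $cmd;
}

// Hardened version: every name must be a syntactically valid MySQL identifier
// AND appear in the set of tables the database actually has; each argument is
// still shell-escaped before concatenation as defence in depth.
function build_dump_command_safe(string $db, array $exclude, array $known_tables): string
{
    $cmd = 'mysqldump ' . escapeshellarg($db);
    foreach ($exclude as $table) {
        if (!is_string($table) || !preg_match('/^[A-Za-z0-9_]{1,64}$/', $table)) {
            throw new InvalidArgumentException('invalid table name in wp_db_exclude_table');
        }
        if (!in_array($table, $known_tables, true)) {
            throw new InvalidArgumentException('unknown table: ' . $table);
        }
        $cmd .= ' --ignore-table=' . escapeshellarg($db . '.' . $table);
    }
    return $cmd;
}

// Constructed sample input: one legitimate name and one carrying a shell
// metacharacter, standing in for an attacker-controlled POST parameter.
$known   = ['wp_posts', 'wp_options', 'wp_users'];
$request = ['wp_options', 'wp_users; echo injected'];

// The semicolon survives into this command line unchanged.
echo build_dump_command_unsafe('wpdb', $request), PHP_EOL;

// The hardened builder refuses the same input before any command is assembled.
try {
    echo build_dump_command_safe('wpdb', $request, $known), PHP_EOL;
} catch (InvalidArgumentException $e) {
    echo 'rejected: ', $e->getMessage(), PHP_EOL;
}
```

The allowlist check is the decisive control: a table name that is not in the database has no legitimate reason to appear in the exclude list, so rejecting it closes the injection even if the escaping were later removed. The same check applies wherever the stored option is read back, since the page notes the injected value is executed on every subsequent backup run, not only when it is submitted.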
EDB-ID-47187 Remote Code Execution (Metasploit Module)