S4E

CVE-2021-24155 Scanner

Detects 'Unrestricted File Upload' vulnerability in Backup Guard plugin for WordPress affects v. before 1.6.0.

SCAN NOW

Short Info


Level

High

Single Scan

Single Scan

Can be used by

Asset Owner

Estimated Time

10 second

Time Interval

4 week

Scan only one

Domain, Ipv4

Toolbox

-

The Backup Guard plugin for WordPress is a widely-used plugin that enables users to backup and migrate their website data. Installed on over 80,000 websites, this plugin is helpful for protecting data in the event of hacks or loss. It offers users the ability to backup their data and migrate it to different web hosts with ease. The importance of data backup cannot be overstated, making this plugin a valuable asset for WordPress users.

Recently, CVE-2021-24155 vulnerability was discovered in the Backup Guard WordPress plugin, in versions 1.6.0 and prior. This vulnerability is of high concern for WordPress users since it allows high privilege users (admin+) to upload arbitrary files, including PHP ones, leading to RCE. Essentially, this means that malicious actors can upload and execute arbitrary code on vulnerable websites by exploiting the vulnerability, potentially leading to a loss of sensitive data or even a full site takeover.

When exploited, this vulnerability can be devastating for website owners. Malicious actors can leverage this security flaw to compromise a website's integrity, steal user data, or manipulate the site's content. Given the significant risks involved, it is imperative that users take immediate action to secure their websites.

The Backup Guard WordPress plugin has enabled website owners to backup and migrate their data with ease. However, the discovery of the CVE-2021-24155 vulnerability serves as a reminder that even the most trusted plugins can be targeted by malicious actors. At s4e.io, we offer pro features like vulnerability scanning to help website owners stay abreast of security risks and protect their digital assets from harm. With our advanced tools, you can readily detect, assess, and patch potential vulnerabilities, keeping your websites and data safe from the latest threats. Contact us today to learn more about how we can help secure your digital assets.

 

REFERENCES

Get started to protecting your Free Full Security Scan