{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/products/backup-migration-plugin/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[{"cvss":7.5,"id":"CVE-2023-54346"}],"_cs_exploited":false,"_cs_products":["Backup Migration plugin"],"_cs_severities":["high"],"_cs_tags":["information-disclosure","wordpress","cve-2023-54346"],"_cs_type":"advisory","_cs_vendors":["WordPress"],"content_html":"\u003cp\u003eWordPress Plugin Backup Migration 1.2.8 is vulnerable to information disclosure. Unauthenticated attackers can exploit this flaw to download complete database backups by accessing predictable file paths. The vulnerability, identified as CVE-2023-54346, allows attackers to enumerate backup directories through configuration files and logs. This enumeration enables the construction of direct download URLs, which, when accessed, retrieve sensitive backup archives containing full database dumps. This poses a significant risk to WordPress sites using the affected plugin version, as it allows unauthorized access to sensitive data.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAttacker identifies a WordPress site using the Backup Migration plugin version 1.2.8.\u003c/li\u003e\n\u003cli\u003eAttacker accesses publicly available configuration files (e.g., wp-config.php) to gather information about the site\u0026rsquo;s structure.\u003c/li\u003e\n\u003cli\u003eThe attacker attempts to access log files created by the Backup Migration plugin to identify backup directory names.\u003c/li\u003e\n\u003cli\u003eAttacker identifies predictable file paths for backup files based on the enumerated backup directory names.\u003c/li\u003e\n\u003cli\u003eThe attacker constructs direct download URLs for backup archive files (e.g., .zip or .sql) based on the identified paths.\u003c/li\u003e\n\u003cli\u003eThe attacker sends an HTTP GET request to the constructed URL.\u003c/li\u003e\n\u003cli\u003eThe server responds with the backup archive file containing the complete WordPress database.\u003c/li\u003e\n\u003cli\u003eAttacker downloads and extracts the database backup, gaining access to sensitive information, including user credentials, site configuration, and potentially other data.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of this vulnerability allows attackers to download complete WordPress database backups, potentially exposing sensitive information such as user credentials, configuration details, and proprietary data. The impact is significant, as it could lead to account compromise, data theft, and further malicious activities. This vulnerability affects all WordPress sites using the Backup Migration plugin version 1.2.8 that have not applied a patch.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDeploy the Sigma rule \u003ccode\u003eDetect WordPress Backup Directory Enumeration\u003c/code\u003e to identify potential attempts to discover backup directories by monitoring web server logs for suspicious file requests.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule \u003ccode\u003eDetect WordPress Backup File Download\u003c/code\u003e to detect direct downloads of backup files by monitoring web server logs for requests to common backup file extensions within the WordPress content directory.\u003c/li\u003e\n\u003cli\u003eUpgrade the Backup Migration plugin to a version that addresses CVE-2023-54346.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-05T12:16:17Z","date_published":"2026-05-05T12:16:17Z","id":"/briefs/2026-05-wordpress-backup-migration-info-disclosure/","summary":"WordPress Plugin Backup Migration 1.2.8 contains an information disclosure vulnerability allowing unauthenticated attackers to download complete database backups by accessing predictable file paths.","title":"WordPress Backup Migration Plugin Unauthenticated Database Backup Download","url":"https://feed.craftedsignal.io/briefs/2026-05-wordpress-backup-migration-info-disclosure/"}],"language":"en","title":"CraftedSignal Threat Feed — Backup Migration Plugin","version":"https://jsonfeed.org/version/1.1"}