CVE-2024-9162

CVSS V2 None CVSS V3 None

Description

The All-in-One WP Migration and Backup plugin for WordPress is vulnerable to arbitrary PHP Code Injection due to missing file type validation during the export in all versions up to, and including, 7.86. This makes it possible for authenticated attackers, with Administrator-level access and above, to create an export file with the .php extension on the affected site's server, adding an arbitrary PHP code to it, which may make remote code execution possible.

Overview

CVE ID
CVE-2024-9162

Assigner
Wordfence

Vulnerability Status
PUBLISHED

Published Version
2024-10-28T05:32:24.968Z

Last Modified Date
2024-10-28T05:32:24.968Z

Weakness Enumerations

CWE	URL
CWE-94	http://cwe.mitre.org/data/definitions/94.html

References

Reference URL	Reference Tags
https://www.wordfence.com/threat-intel/vulnerabilities/id/d97c3379-56c9-4261-9a70-3119ec121a40?source=cve
https://plugins.trac.wordpress.org/browser/all-in-one-wp-migration/trunk/lib/controller/class-ai1wm-backups-controller.php#L60
https://plugins.trac.wordpress.org/browser/all-in-one-wp-migration/trunk/lib/controller/class-ai1wm-export-controller.php#L36
https://github.com/d0n601/CVE-2024-9162
https://ryankozak.com/posts/CVE-2024-9162

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2024-9162
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9162

History

Created	Old Value	New Value	Data Type	Notes
2024-10-28 13:17:35				Added to TrackCVE