CVE-2022-0633: UpdraftPlus Free before 1.22.3 and UpdraftPlus Premium before 2.22.3 do not properly validate that a user has the required privileges to access a backup's nonce identifier, which may allow any user with an account on the site (such as a subscriber) to retrieve it and download the most recent site and database backup.
Because a backup contains the site's files and its database, this exposes every user's data, not just the attacker's own account. Normally only an administrator should be able to reach the backup nonce and the download features built on it. The flaw lies in the plugin's own privilege checks rather than in any site configuration, so every site running an affected version is exposed regardless of its settings. If you are running UpdraftPlus Free before 1.22.3 or UpdraftPlus Premium before 2.22.3, upgrade as soon as possible.
UpdraftPlus 2.22.3
Release Announcement
UpdraftPlus 2.22.3 has been released and addresses a vulnerability that could expose users’ data.
The vulnerability is in the plugin's backend: the code that hands out backup nonces and serves backup downloads did not verify the caller's privileges, so any logged-in user, not just the site administrator, could obtain a nonce and use it to fetch the backup. Nonces are keys to the plugin's download and advanced backup features, and only the site owner should hold them. All sites running an affected version are affected, whatever their plugin settings.
If you are running a version of UpdraftPlus prior to 2.22.3 (Premium) or 1.22.3 (Free), you should upgrade as soon as possible.
UpdraftPlus 2.x Default Permissions
If you're running a version of UpdraftPlus 2.x prior to 2.22.3, upgrade to 2.22.3 as soon as possible: in the affected releases the plugin's own permission checks let any authenticated user, not only administrators, obtain your site's backup nonce.
No plugin setting protects against this. A low-privileged account such as a subscriber is enough to retrieve the nonce and then download the backup, which puts every other user's data at risk because the backup carries the full database, including the user table. Treat a site that ran an affected version with untrusted registered users as potentially exposed, not merely unpatched.
What’s new in version 2.22.3?
The following improvements were made in the latest UpdraftPlus plugin release:
- Users now receive a notification when an upload has failed due to invalid credentials.
- An issue which caused some users’ backups to be unreadable has been resolved.
- An error message which appeared when upgrading from 2.21 or 2.22 has been fixed.
How do I know if my version is vulnerable?
UpdraftPlus Free before 1.22.3 and UpdraftPlus Premium before 2.22.3 are vulnerable to CVE-2022-0633. Check the installed version on the Plugins page in wp-admin (or with WP-CLI); if it is older than the fixed release for your edition, upgrade as soon as possible to a release that no longer has this issue. If you are unsure which edition or version you are running, contact support@updraftplus.com
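The check above, as an added example that is not part of the advisory and not code from the UpdraftPlus project: a small POSIX shell script that classifies any UpdraftPlus version string against the fixed releases for its line (1.22.3 for the 1.x Free line, 2.22.3 for the 2.x Premium line), comparing components numerically so that, for instance, 1.22.10 is correctly treated as newer than 1.22.3. The trailing WP-CLI call assumes WP-CLI is installed and that the plugin slug is `updraftplus`; it is skipped when `wp` is not on the PATH.

```shell
#!/bin/sh
# Added example, not code from the advisory or from the UpdraftPlus project.
# Classifies an UpdraftPlus version string against the fixed releases named
# in the advisory: 1.22.3 for the 1.x (Free) line, 2.22.3 for the 2.x
# (Premium) line. Anything older than the fix for its own line is vulnerable.

# Numeric component N (1-3) of a dotted version, defaulting to 0 when absent.
# ".0.0" is appended so short strings like "1.22" still yield three fields;
# non-numeric suffixes such as "3-beta" are truncated to their leading digits.
component() {
  c=$(printf '%s.0.0' "$1" | cut -d. -f"$2" | sed 's/[^0-9].*$//')
  printf '%s' "${c:-0}"
}

# Exit 0 when $1 is strictly older than $2, 1 otherwise (including equality).
version_lt() {
  i=1
  while [ "$i" -le 3 ]; do
    a=$(component "$1" "$i"); b=$(component "$2" "$i")
    if [ "$a" -lt "$b" ]; then return 0; fi
    if [ "$a" -gt "$b" ]; then return 1; fi
    i=$((i + 1))
  done
  return 1
}

# Prints one of: vulnerable, fixed, unknown-line.
classify() {
  case "$1" in
    1.*) fixed=1.22.3 ;;
    2.*) fixed=2.22.3 ;;
    *)   printf 'unknown-line\n'; return 0 ;;
  esac
  if version_lt "$1" "$fixed"; then printf 'vulnerable\n'; else printf 'fixed\n'; fi
}

# Usage against a live site (assumption: WP-CLI is installed and the plugin
# directory/slug is "updraftplus"). Skipped when wp is not available.
if command -v wp >/dev/null 2>&1; then
  installed=$(wp plugin get updraftplus --field=version 2>/dev/null) &&
    echo "UpdraftPlus $installed: $(classify "$installed")"
fi
```

Run it from the WordPress root (where WP-CLI can find `wp-config.php`), or call `classify` directly with a version string read from the plugin header. A result of `unknown-line` means the major version is neither 1 nor 2 and the script makes no claim about it.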
Timeline
Published on: 02/17/2022 19:15:00 UTC
Last modified on: 02/18/2022 21:19:00 UTC
References
- https://updraftplus.com/updraftplus-security-release-1-22-3-2-22-3/
- https://wpscan.com/vulnerability/d257c28f-3c7e-422b-a5c2-e618ed3c0bf3
- https://jetpack.com/2022/02/17/severe-vulnerability-fixed-in-updraftplus-1-22-3/
- http://packetstormsecurity.com/files/166059/WordPress-UpdraftPlus-1.22.2-Backup-Disclosure.html
- https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0633