Terva

Name of the Vulnerable Software and Affected Versions: WordPress Report Brute Force Attacks and Login Protection ReportAttacks Plugins plugin versions up to, and including, 2.32 Description: The issue allows authenticated attackers with Administrator-level access and above to perform SQL Injection via the `orderby` parameter due to insufficient escaping on the user-supplied parameter and lack of sufficient preparation on the existing SQL query. This enables attackers to append additional SQL queries into already existing queries, potentially extracting sensitive information from the database. Recommendations: For versions up to, and including, 2.32, consider restricting access to the `orderby` parameter to minimize the risk of exploitation until a patch is available. As a temporary workaround, limit Administrator-level access to trusted users only.

**Name of the Vulnerable Software and Affected Versions** Database Backup and check Tables Automated With Scheduler 2024 plugin for WordPress versions up to and including 2.35 **Description** The issue allows authenticated attackers with Administrator-level access and above to extract sensitive data, including full database credentials, via the "dashboard/backup.php" file. **Recommendations** For versions up to and including 2.35, consider restricting access to the /dashboard/backup.php file until a patch is available. As a temporary workaround, limit Administrator-level access to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Database Backup and check Tables Automated With Scheduler 2024 plugin for WordPress versions up to, and including, 2.35 **Description** The issue arises from insufficient file path validation in the `database backup ajax delete` function, allowing authenticated attackers with Administrator-level access and above to delete arbitrary files on the server. This can lead to remote code execution when critical files, such as `wp-config.php`, are deleted. **Recommendations** For versions up to, and including, 2.35, update to version 2.36 or later to partially mitigate the issue. As a temporary workaround, consider restricting access to the `database backup ajax delete` function until a more comprehensive patch is available.

**Name of the Vulnerable Software and Affected Versions** Database Backup and check Tables Automated With Scheduler 2024 plugin for WordPress versions up to, and including, 2.32 **Description** The issue allows authenticated attackers with administrator-level access and above to read the contents of arbitrary files on the server, which can contain sensitive information, through the `database backup ajax download()` function. This enables access to confidential data. **Recommendations** For versions up to, and including, 2.32, consider disabling the `database backup ajax download()` function until a patch is available to prevent exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.