CVE-2023-6972

Name of the Vulnerable Software and Affected Versions Backup Migration plugin for WordPress versions up to, and including, 1.3.9

Description The issue allows unauthenticated attackers to perform Path Traversal via the content-backups and content-name, content-manifest, or content-bmitmp and content-identy HTTP headers. This enables the deletion of arbitrary files, including the wp-config.php file, potentially leading to site takeover and remote code execution.

Recommendations For versions up to, and including, 1.3.9, update to a version later than 1.3.9 to resolve the issue. As a temporary workaround, consider restricting access to the content-backups, content-name, content-manifest, content-bmitmp, and content-identy HTTP headers until a patch is available. Avoid using the affected HTTP headers in the Backup Migration plugin until the issue is resolved.