According to iThemes researchers, Hackers are actively exploiting the vulnerability (CVE-2022-31474) across impacted systems using specific versions of the BackupBuddy plugin. The exploit allows attackers to view.
Why it matters: WordPress plugin developer, iThemes, alerted users to a vulnerability related to their BackupBuddy extension earlier this week. The security hole leaves plugin users susceptible to unauthorized access by malicious actors, providing them with the opportunity to steal sensitive files and information. The flaw affects any sites running BackupBuddy 8.5.8.0 through 8.7.4.1. Users should update to version 8.7.5 to patch the hole.
According to iThemes researchers, Hackers are actively exploiting the vulnerability (CVE-2022-31474) across impacted systems using specific versions of the BackupBuddy plugin.
