Multiple command execution vulnerabilities in Database Manager plugin for WordPress

Systems Affected

Threat Level

Overview

Multiple vulnerabilities have been reported in Database Manager Plugin for WordPress which could be exploited by remote attackers to execute arbitrary commands on the target system.

Description

These vulnerabilities are caused due to improper validation of user-supplied input.

A remote authenticated attacker with current_user_can("manage_database") privileges can successfully exploit these vulnerabilities to execute arbitrary commands on the system via injecting shell metacharacters in $backup["mysqldumppath"] and $backup["filepath"] variables.

Impact

Solution/ Workarounds

Upgrade to latest version of Database Manager Plugin https://wordpress.org/plugins/wp-dbmanager/changelog/

References

http://www.cert-in.org.in/

Disclaimer

The information provided herein is on "as is" basis, without warranty of any kind.