cbcvebase.
CVE-2023-6750
published 2024-01-08

Priority: P3 53 · Severity: high · CVSS 3.1 base score: 7.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Exploit: available
EPSS: 1.96% (77.8th percentile)
The Clone WordPress plugin before 2.4.3 uses buffer files to store in-progress backup information, and these files are written to a publicly accessible, statically defined file path.

Affected

1 range

Vendor       Product   Version range   Fixed in
backupbliss  clone     < 2.4.3         2.4.3

Detection & IOCs (extracted from sources)

path: /wp-content/uploads/wp-clone/wpclone_backup/database.sql
path: /wp-content/uploads/wp-clone/wpclone_backup/prefix.txt
other: http.html:"wp-clone-by-wp-academy"
other: body="wp-clone-by-wp-academy"
  • HTTP GET to the static backup path returns HTTP 200 with SQL dump content containing 'CREATE TABLE' AND 'INSERT INTO' in the response body — confirms exposed database backup.
  • Response body of the exposed database.sql file contains WordPress-specific table/column names ('wp_users', 'wp_options', 'user_pass'), confirming credential exposure.
  • HTTP GET to /wp-content/uploads/wp-clone/wpclone_backup/prefix.txt returning HTTP 200 with a body matching ^[a-zA-Z0-9_]+$ reveals the WordPress table prefix, aiding further exploitation.
  • No authentication is required to exploit this vulnerability; the backup files are publicly accessible at a statically defined file path.
  • The vulnerability affects Clone WordPress plugin versions strictly before 2.4.3 (i.e., <= 2.4.2). Version 2.4.3 and later are patched.
  • The exposed backup file path is statically defined, meaning it is the same across all vulnerable installations — making mass scanning straightforward.