CVE-2023-6750
Published 2024-01-08
Priority: P3 53 · Severity: high · CVSS 3.1 base score 7.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Exploit
EPSS: 1.96% (77.8th percentile)
The Clone WordPress plugin before 2.4.3 uses buffer files to store in-progress backup information, and those files are written to a publicly accessible, statically defined file path.
Affected
1 range
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| backupbliss | clone | < 2.4.3 | 2.4.3 |
Detection & IOCs (extracted from sources)
- HTTP GET to the static backup path returns HTTP 200 with SQL dump content containing 'CREATE TABLE' and 'INSERT INTO' in the response body, confirming an exposed database backup.
- The response body of the exposed database.sql file contains WordPress-specific table/column names ('wp_users', 'wp_options', 'user_pass'), confirming credential exposure.
- HTTP GET to /wp-content/uploads/wp-clone/wpclone_backup/prefix.txt returning HTTP 200 with a body matching ^[a-zA-Z0-9_]+$ reveals the WordPress table prefix, aiding further exploitation.
- No authentication is required to exploit this vulnerability; the backup files are publicly accessible at a statically defined file path.
- The vulnerability affects Clone WordPress plugin versions strictly before 2.4.3 (i.e., <= 2.4.2). Version 2.4.3 and later are patched.
- The exposed backup file path is statically defined, meaning it is the same across all vulnerable installations, which makes mass scanning straightforward.
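The IOCs above describe a two-request check. The script below, an added example that is not part of this page, the plugin, or the Nuclei template, implements it as pure functions over (status, body) pairs so the matching logic can be exercised offline. The prefix.txt path is the one given above; the assumption that database.sql sits in the same wpclone_backup directory, the `scan`/`check_*` function names and the `FAKE_SITE` responses are this example's own.

```python
import re
import sys
import urllib.error
import urllib.request
from typing import Callable, Dict, Optional, Tuple

# Static path the page gives for the table-prefix buffer file.
PREFIX_PATH = "/wp-content/uploads/wp-clone/wpclone_backup/prefix.txt"
# The page names the dump "database.sql"; placing it beside prefix.txt is an
# assumption of this example, not a fact stated on the page.
DUMP_PATH = "/wp-content/uploads/wp-clone/wpclone_backup/database.sql"

PREFIX_RE = re.compile(r"^[a-zA-Z0-9_]+$")       # IOC regex for the prefix body
SQL_MARKERS = ("CREATE TABLE", "INSERT INTO")     # both required for "exposed dump"
WP_MARKERS = ("wp_users", "wp_options", "user_pass")  # WordPress-specific names

Fetcher = Callable[[str], Tuple[int, str]]


def check_prefix(status: int, body: str) -> Optional[str]:
    """Return the leaked table prefix when the response matches the IOC, else None."""
    if status != 200:
        return None
    candidate = body.strip()  # tolerate a trailing newline in the buffer file
    return candidate if candidate and PREFIX_RE.match(candidate) else None


def check_dump(status: int, body: str) -> Dict[str, bool]:
    """Classify a response to the dump path.

    'exposed' needs HTTP 200 plus both SQL markers (a soft-404 HTML page returning
    200 will not match); 'credentials' additionally needs a WordPress marker.
    """
    exposed = status == 200 and all(m in body for m in SQL_MARKERS)
    credentials = exposed and any(m in body for m in WP_MARKERS)
    return {"exposed": exposed, "credentials": credentials}


def http_fetch(url: str) -> Tuple[int, str]:
    """Plain GET returning (status, first 64 KiB of body); the only networked code."""
    req = urllib.request.Request(url, headers={"User-Agent": "cve-2023-6750-check"})
    try:
        with urllib.request.urlopen(req, timeout=10) as resp:
            return resp.status, resp.read(65536).decode("utf-8", "replace")
    except urllib.error.HTTPError as exc:
        return exc.code, ""
    except (urllib.error.URLError, OSError):
        return 0, ""


def scan(base_url: str, fetch: Fetcher = http_fetch) -> dict:
    """Run both IOC checks against a site; `fetch` is injectable for offline tests."""
    base = base_url.rstrip("/")
    result = {"prefix": check_prefix(*fetch(base + PREFIX_PATH))}
    result.update(check_dump(*fetch(base + DUMP_PATH)))
    return result


# Constructed responses standing in for a vulnerable site (not captured data).
FAKE_SITE = {
    PREFIX_PATH: (200, "wp_\n"),
    DUMP_PATH: (200, "CREATE TABLE `wp_users` (`ID` bigint, `user_pass` varchar(255));\n"
                     "INSERT INTO `wp_users` VALUES (1, '$P$Bexamplehash');\n"),
}


def fake_fetch(url: str) -> Tuple[int, str]:
    """Offline fetcher: serve FAKE_SITE paths, 404 (HTML) for everything else."""
    path = "/" + url.split("://", 1)[-1].split("/", 1)[1]
    return FAKE_SITE.get(path, (404, "<html>Not Found</html>"))


if __name__ == "__main__":
    target = sys.argv[1] if len(sys.argv) > 1 else "http://example.test"
    fetch = http_fetch if len(sys.argv) > 1 else fake_fetch
    print(scan(target, fetch))
```

Run it with a base URL to test a real host, or with no argument to see the constructed vulnerable case. Two caveats when reading results: the buffer files only exist once the plugin has written a backup, so a clean result is not proof that 2.4.3 or later is installed (check the plugin version to confirm), and a leaked prefix.txt on its own is still a finding because the affected version range is the same whether or not the dump is present at that moment.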
No detection rules found.
Nuclei
CVE-2023-6750 [HIGH] WordPress WP Clone <= 2.4.2 - Database Backup Exposure (nuclei · CVSS 7.5)
Clone WordPress plugin < 2.4.3 stores in-progress backup information in buffer files at a statically defined, publicly accessible path, letting unauthenticated attackers read sensitive backup data. This is an information disclosure, not a buffer overflow.
Template:

```yaml
id: CVE-2023-6750

info:
  name: WordPress WP Clone <= 2.4.2 - Database Backup Exposure
  author: pussycat0x
  severity: critical
  description: |
    Clone WordPress plugin < 2.4.3 stores in-progress backup information in publicly accessible buffer files at a static file path, letting attackers access sensitive backup data; exploitation requires no special privileges.
  impact: |
    Attackers can access sensitive backup information, potentially leading to dat
```
No writeups or analysis indexed.