Vulnerability in BackupBuddy Plugin Exploited to Hack WordPress Sites
The BackupBuddy plugin, which has roughly 140,000 active installations, is meant to help WordPress site administrators easily manage their backup operations. The plugin allows users to store the backups to various online and local destinations. Tracked as CVE-2022-31474 (CVSS score of 7.5), the exploited vulnerability exists because of an insecure method of downloading the backups…