Nearly a million WordPress websites could be at risk from this serious plugin security flaw

WPvivid Backup & Migration plugin allows for arbitrary file upload which can lead to remote code execution.
TechJuice

Critical WordPress Plugin Flaw Exposes 900,000+ Sites to Remote Code Execution

A critical remote code execution flaw in the WPvivid Backup & Migration WordPress plugin puts over 900,000 sites at risk unless patched.
Searchenginejournal.com

WordPress Backup Plugin Vulnerability Affects 3+ Million Sites

The vulnerability affects the popular Updraft Plus WordPress plugin, installed in over 3 million websites. Updraft Plus comes in a free and paid version that allows users to upload backups to a user’s ...

WordPress plugin with 900k installs vulnerable to critical RCE flaw

A critical vulnerability in the WPvivid Backup & Migration plugin for WordPress, installed on more than 900,000 websites, can ...
Infosecurity-magazine.com

Backup Migration WordPress Plugin Flaw Impacts 90,000 Sites

Security researchers have warned users of a popular WordPress plugin that they need to patch urgently or risk their site being remotely hijacked. Security vendor Wordfence has revealed a new PHP code ...
Searchenginejournal.com

WordPress Backup Plugin DoS Vulnerability Affects +200,000 Sites

A popular WordPress backup plugin installed in over 200,000 websites recently patched a high severity vulnerability that could lead to a denial of service attack. Wordfence assigned a CVSS severity ...
Bleeping Computer

50K WordPress sites exposed to RCE attacks by critical bug in backup plugin

A critical severity vulnerability in a WordPress plugin with more than 90,000 installs can let attackers gain remote code execution to fully compromise vulnerable websites. Known as Backup Migration, ...