An gano wani haɗari mai haɗari (CVE-3-2022) a cikin UpdraftPlus WordPress add-on, wanda ke da kayan aiki fiye da miliyan 0633, yana ba da damar mai amfani na ɓangare na uku don sauke kwafin bayanan yanar gizon, wanda, ban da haka. abun ciki, ya ƙunshi sigogin duk masu amfani da hashes na kalmar sirri. An warware matsalar a cikin sakin 1.22.3 da 2.22.3, wanda aka ba da shawarar ga duk masu amfani da UpdraftPlus su girka da wuri-wuri.
Ana ɗaukar UpdraftPlus a matsayin mafi mashahuri add-on don ƙirƙirar madadin rukunin yanar gizon da ke gudana akan dandalin WordPress. Saboda kuskuren duba haƙƙoƙin samun dama, add-on ya ba da izinin zazzage kwafin ajiyar yanar gizo da bayanan da ke da alaƙa ba kawai ga masu gudanarwa ba, har ma ga duk wani mai amfani da aka yi rajista akan rukunin yanar gizon, misali, tare da matsayin mai biyan kuɗi.
Don loda madogarawa cikin UpdraftPlus, ana amfani da mai ganowa wanda aka ƙirƙira dangane da lokacin da aka ƙirƙiri madadin da jerin bazuwar (babu ɗaya). Matsalar ita ce saboda rashin ingantaccen dubawa a cikin mai sarrafa buƙatun bugun zuciya na WordPress, ta yin amfani da buƙatun ƙira na musamman, kowane mai amfani zai iya samun bayanai game da sabon madadin, wanda kuma ya haɗa da bayanai game da lokaci da jerin abubuwan bazuwar.
Na gaba, dangane da bayanan da aka karɓa, zaku iya ƙirƙirar mai ganowa kuma zazzage kwafin madadin ta amfani da hanyar zazzagewa ta imel. Aikin maybe_download_backup_from_email da aka yi amfani da shi a wannan hanyar yana buƙatar samun dama ga shafin zaɓuɓɓuka-general.php, wanda ke da isa ga mai gudanarwa kawai. Koyaya, mai kai hari zai iya ƙetare wannan ƙuntatawa ta hanyar zuga madaidaicin $pagenow da aka yi amfani da shi a rajistan da aika buƙatu ta hanyar shafin sabis wanda ke ba da damar masu amfani marasa gata. Misali, zaku iya tuntuɓar ta shafin don aika sako zuwa ga mai gudanarwa ta hanyar aika buƙatu ta hanyar “wp-admin/admin-post.php/%0A/wp-admin/options-general.php?page=updraftplus ".
source: budenet.ru