CVE-2024-13910
📋 TL;DR
This vulnerability allows authenticated WordPress administrators to delete arbitrary files on the server due to insufficient path validation in the Database Backup plugin. Attackers can achieve remote code execution by deleting critical files like wp-config.php. All WordPress sites using this plugin up to version 2.35 are affected.
💻 Affected Systems
- Database Backup and check Tables Automated With Scheduler 2024 WordPress plugin
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Complete site compromise via remote code execution leading to data theft, defacement, or ransomware deployment
Likely Case
Site disruption or data loss from deletion of critical WordPress files
If Mitigated
Limited impact if proper file permissions and monitoring are in place
🎯 Exploit Status
Exploitation requires authenticated administrator access to WordPress
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 2.36
Vendor Advisory: https://plugins.trac.wordpress.org/changeset/3248708/
Restart Required: No
Instructions:
1. Log into WordPress admin panel
2. Navigate to Plugins → Installed Plugins
3. Find 'Database Backup and check Tables Automated With Scheduler 2024'
4. Click 'Update Now' if update is available
5. Alternatively, download version 2.36+ from WordPress plugin repository
🔧 Temporary Workarounds
Disable vulnerable plugin
allTemporarily disable the plugin until patched
wp plugin deactivate database-backup
Restrict file permissions
linuxSet restrictive permissions on critical WordPress files
chmod 400 wp-config.php
chmod 400 wp-content/plugins/database-backup/database-backup.php
🧯 If You Can't Patch
- Remove administrator access from untrusted users
- Implement file integrity monitoring for critical WordPress files
🔍 How to Verify
Check if Vulnerable:
Check WordPress admin panel → Plugins → Database Backup plugin version. If version ≤ 2.35, vulnerable.Check Version:
wp plugin get database-backup --field=versionVerify Fix Applied:
Verify plugin version is 2.36 or higher in WordPress admin panel📡 Detection & Monitoring
Log Indicators:
- Unusual file deletion events in web server logs
- POST requests to /wp-admin/admin-ajax.php with 'action=database_backup_ajax_delete'
Network Indicators:
- HTTP POST requests to admin-ajax.php with file deletion parameters
SIEM Query:
source="web_server" AND (uri="/wp-admin/admin-ajax.php" AND method="POST" AND params.action="database_backup_ajax_delete")🔗 References
- https://plugins.trac.wordpress.org/browser/database-backup/trunk/database-backup.php#L267
- https://plugins.trac.wordpress.org/changeset/3247917/
- https://plugins.trac.wordpress.org/changeset/3248708/
- https://www.wordfence.com/threat-intel/vulnerabilities/id/c92776c4-643c-40f2-ac28-5df5d6bf7fcd?source=cve
