Backup Bolt WordPress Plugin Arbitrary File Download Vulnerability

Vulnerability

A vulnerability in the Backup Bolt plugin for WordPress, present in all versions through 1.4.1, allows authenticated users with Administrator-level access to download files from directories outside the webroot and to write backup zip files to arbitrary locations. This issue arises in the process_backup_batch() function, which is responsible for handling backup operations.

Impact

Exploitation of this vulnerability could lead to unauthorized access to sensitive files outside the webroot, potentially including configuration files or other critical data. Additionally, the ability to write backup files to arbitrary locations could be misused to overwrite important files or disrupt the site's functionality.

Remediation

No known patch is available for this vulnerability. Users are advised to review the vulnerability details thoroughly and consider uninstalling the affected plugin.
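The kind of path-containment check a fix to process_backup_batch() would need, as an added illustration (not Backup Bolt's code); the backup directory location and the request parameter names are assumptions:

```php
<?php
// Added illustration, not the plugin's code. Both operations the advisory
// describes (reading a file for download, choosing where a zip is written)
// take a user-supplied path; each must resolve to a location inside the
// backup directory before it is used.

function path_within_base(string $base, string $candidate): ?string {
    if ($candidate === '' || strpos($candidate, "\0") !== false) {
        return null; // empty or null-byte paths are never valid
    }
    $realBase = realpath($base);
    if ($realBase === false) {
        return null; // the base directory itself must exist
    }
    if (file_exists($candidate)) {
        // Existing file: resolve the whole path so symlinks cannot escape.
        $resolved = realpath($candidate);
    } else {
        // Write target that does not exist yet: resolve its directory and
        // re-append the basename, rejecting "." and ".." names.
        $dir  = realpath(dirname($candidate));
        $name = basename($candidate);
        if ($dir === false || $name === '' || $name === '.' || $name === '..') {
            return null;
        }
        $resolved = $dir . DIRECTORY_SEPARATOR . $name;
    }
    if ($resolved === false) {
        return null;
    }
    // Accept only the base directory itself or a descendant of it.
    $prefix = rtrim($realBase, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    if ($resolved !== $realBase && strncmp($resolved, $prefix, strlen($prefix)) !== 0) {
        return null;
    }
    return $resolved;
}

// Usage sketch; $backupDir and the parameter names are assumed, not the plugin's.
$backupDir = WP_CONTENT_DIR . '/backup-bolt';

$downloadSource = path_within_base($backupDir, $_GET['file'] ?? '');
if ($downloadSource === null || !is_file($downloadSource)) {
    wp_die('Invalid backup file.', '', ['response' => 400]);
}

$zipDestination = path_within_base($backupDir, $_POST['dest'] ?? '');
if ($zipDestination === null || pathinfo($zipDestination, PATHINFO_EXTENSION) !== 'zip') {
    wp_die('Invalid backup destination.', '', ['response' => 400]);
}
```

The same check also rejects traversal sequences such as `../` because realpath() collapses them before the prefix comparison runs.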

Added: Oct 3, 2025, 12:54 PM
Updated: Oct 3, 2025, 12:54 PM

Vulnerability Rating

Custom Algorithm

spread: 1.0
impact: 2.5
exploitability: 5.0
remediation: 0.0
relevance: 0.6
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.