Bei Fen WordPress Backup Plugin Local File Inclusion Vulnerability

A local file inclusion vulnerability has been identified in the Bei Fen WordPress Backup Plugin, affecting all versions through 1.4.2. The vulnerability allows authenticated attackers with Subscriber-level access and above to include and execute arbitrary PHP files on the server. This could lead to bypassing access controls, accessing sensitive data, or executing code in cases where PHP files can be uploaded and included. The vulnerability only impacts installations running PHP 7.1 or older.

Impact

Exploitation of this vulnerability could result in unauthorized access to sensitive data, bypassing of access controls, or execution of malicious code on the server.

Reproduction

To reproduce this vulnerability, an authenticated user with Subscriber-level access or higher can send a request to the WordPress site with the 'task' parameter. This request should include a reference to a PHP file that the attacker wishes to include and execute. The vulnerable plugin will process this request, leading to the execution of the specified PHP file on the server.

Remediation

No known patch is available. It is recommended to uninstall the affected plugin and find a replacement.