CVE-2022-31474

Published on: Not Yet Published

Last Modified on: 08/10/2022 08:20:49 PM UTC

** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

Related QID Numbers

  • 150570 WordPress BackupBuddy Plugin: Arbitrary File Read Vulnerability (CVE-2022-31474)
  • 730611 WordPress BackupBuddy Plugin Arbitrary File Read Vulnerability

Exploit/POC from Github

New #WordPress #0Day #BackupBuddy Plugin #LFI

Social Mentions

Source Title Posted (UTC)
Twitter Icon @inj3ct0r #0day #WordPress #BackupBuddy 8.7.4.1 Arbitrary File Read #Vulnerability #CVE-2022-31474 0day.today/exploit/descri… 2022-09-08 09:56:50
Twitter Icon @the_yellow_fall CVE-2022-31474: 0-day WordPress BackupBuddy plugin affects 140,000 websites securityonline.info/cve-2022-31474… #opensource… twitter.com/i/web/status/1… 2022-09-09 10:03:25
Twitter Icon @AcooEdi CVE-2022-31474: 0-day WordPress BackupBuddy plugin affects 140,000 websites dlvr.it/SY2DqL via securityonl… twitter.com/i/web/status/1… 2022-09-09 10:10:09
Twitter Icon @Komodosec #Vulnerability #BackupBuddy CVE-2022-31474: 0-day WordPress BackupBuddy plugin affects 140,000 websites securityonline.info/cve-2022-31474… 2022-09-09 10:58:02
Twitter Icon @CovertSwarm Critical vulnerability identified in WordPress plugin "BackupBuddy": (CVE-2022-31474) #vulnerability #wordpress… twitter.com/i/web/status/1… 2022-09-09 12:22:25
Twitter Icon @securestep9 #WordPress - Attackers Exploit Zero-Day Arbitrary File Download Vulnerability (CVE-2022-31474) in WordPress… twitter.com/i/web/status/1… 2022-09-09 18:43:03
Twitter Icon @Ahmedkaissar2 CVE-2022-31474, CVSS score: 7.5 هلا والله بالمولد الجديد ?? هناك Zero day علي plugin مشهوره يتم استخدامها في مواقع… twitter.com/i/web/status/1… 2022-09-09 23:54:33
Twitter Icon @PentestingN CVE-2022-31474: 0-day WordPress BackupBuddy plugin affects 140,000 websites securityonline.info/cve-2022-31474… Penetration T… twitter.com/i/web/status/1… 2022-09-10 06:13:58
Twitter Icon @inthewildio CVE-2022-31474 is getting exploited #inthewild. Find out more at inthewild.io/vuln/CVE-2022-… CVE-2021-3493 is getting e… twitter.com/i/web/status/1… 2022-09-11 16:10:32
Twitter Icon @pdnuclei Scanning for - CVE-2022-31474: 0-day WordPress BackupBuddy plugin affects 140,000 websites via @TheHackersNews usin… twitter.com/i/web/status/1… 2022-09-13 13:19:54
Twitter Icon @ReconOne_bk [Oh noo] New 0-Day affecting WordPress exploited in the wild ? WordPress BackupBuddy Plugin LFI (CVE-2022-31474)… twitter.com/i/web/status/1… 2022-09-13 13:59:26
Twitter Icon @0xrobiul New #WordPress #0Day #BackupBuddy Plugin #LFI #CVE-2022-31474 At A Scale! #BugBounty #BugBountyTips #CyberSecurity… twitter.com/i/web/status/1… 2022-09-13 16:42:52
Twitter Icon @0xMaruf [Oh noo] New 0-Day affecting WordPress exploited in the wild ? WordPress BackupBuddy Plugin LFI (CVE-2022-31474)… twitter.com/i/web/status/1… 2022-09-13 17:19:56
Twitter Icon @i4interactive Top #WordPress story: Add CVE-2022-31474.yaml by aringo · Pull Request #5342 · projectdiscovery/nuclei-templates ·… twitter.com/i/web/status/1… 2022-09-14 02:57:13
Twitter Icon @ipssignatures The vuln CVE-2022-31474 has a tweet created 0 days ago and retweeted 13 times. twitter.com/shaybt12/statu… #pow1rtrtwwcve 2022-09-14 06:06:00
Twitter Icon @ipssignatures The vuln CVE-2022-31474 has a tweet created 0 days ago and retweeted 104 times. twitter.com/pdnuclei/statu… #pow2rtrtwwcve 2022-09-14 08:06:00
Twitter Icon @AffanJau @abdulx01t @shaybt12 not WordPress it's the plugin. more info: securityonline.info/cve-2022-31474… 2022-09-14 11:34:40
Twitter Icon @milanshiftsec CVE-2022-31474 - BackupBuddy LFI POC: /wp-admin/admin-post.php?page=pb_backupbuddy_destinations&local-destination-i… twitter.com/i/web/status/1… 2022-09-14 13:33:55
Twitter Icon @Har_sia CVE-2022-31474 har-sia.info/CVE-2022-31474… #HarsiaInfo 2022-09-14 15:02:27
Twitter Icon @ipssignatures The vuln CVE-2022-31474 has a tweet created 0 days ago and retweeted 108 times. twitter.com/shaybt12/statu… #pow2rtrtwwcve 2022-09-14 18:06:00
Twitter Icon @ipssignatures The vuln CVE-2022-31474 has a tweet created 1 days ago and retweeted 10 times. twitter.com/0xMaruf/status… #pow1rtrtwwcve 2022-09-15 02:06:01
Twitter Icon @NandanLohitaksh CVE-2022-31474 in scale cat hosts |httpx -title -path "/wp-admin/admin-post.php?page=pb_backupbuddy_destinations&… twitter.com/i/web/status/1… 2022-09-15 16:14:05
Twitter Icon @0xrobiul New #WordPress #0Day #BackupBuddy Plugin #LFI #CVE-2022-31474 At A Scale! #BugBounty #BugBountyTips #CyberSecurity… twitter.com/i/web/status/1… 2022-09-16 04:53:01
Twitter Icon @forgedhallpass @0xrobiul There's also a nuclei template: github.com/projectdiscove… 2022-09-16 10:22:07
Twitter Icon @certbe Warning: Two #WordPress plugins actively exploited in the wild. Upgrade #backupbuddy #CVE-2022-31474 asap and tempo… twitter.com/i/web/status/1… 2022-09-16 12:20:05
Twitter Icon @ipssignatures The vuln CVE-2022-31474 has a tweet created 1 days ago and retweeted 11 times. twitter.com/NandanLohitaks… #pow1rtrtwwcve 2022-09-17 00:06:00
Twitter Icon @BiswajeetRay7 New #WordPress #0Day #BackupBuddy Plugin #LFI #CVE-2022-31474 At A Scale cat hosts | httpx -title -path "/wp-admin/… twitter.com/i/web/status/1… 2022-09-17 11:59:10
Twitter Icon @ipssignatures The vuln CVE-2022-31474 has a tweet created 1 days ago and retweeted 13 times. twitter.com/0xrobiul/statu… #pow1rtrtwwcve 2022-09-17 12:06:00
Twitter Icon @ReconOne_bk WordPress - CVE-2022-31474 ? twitter.com/ReconOne_bk/st… 2022-10-17 11:25:28
Reddit Logo Icon /r/KomodoCyberConsulting CVE-2022-31474: 0-day WordPress BackupBuddy plugin affects 140,000 websites 2022-09-09 10:58:04
© CVE.report 2022 Twitter Nitter Twitter Viewer |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

CVE.report and Source URL Uptime Status status.cve.report