{"api_version":"1","generated_at":"2026-05-06T12:24:01+00:00","cve":"CVE-2023-6553","urls":{"html":"https://cve.report/CVE-2023-6553","api":"https://cve.report/api/cve/CVE-2023-6553.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2023-6553","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2023-6553"},"summary":{"title":"Backup Migration <= 1.3.7 - Unauthenticated Remote Code Execution","description":"The Backup Migration plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.3.7 via the /includes/backup-heart.php file. This is due to an attacker being able to control the values passed to an include, and subsequently leverage that to achieve remote code execution. This makes it possible for unauthenticated attackers to easily execute code on the server.","state":"PUBLISHED","assigner":"Wordfence","published_at":"2023-12-15 11:15:47","updated_at":"2026-04-08 18:18:37"},"problem_types":["CWE-94","NVD-CWE-noinfo","CWE-94 CWE-94 Improper Control of Generation of Code ('Code Injection')"],"metrics":[{"version":"3.1","source":"nvd@nist.gov","type":"Primary","score":"9.8","severity":"CRITICAL","vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"}},{"version":"3.1","source":"security@wordfence.com","type":"Secondary","score":"9.8","severity":"CRITICAL","vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"}},{"version":"3.1","source":"CNA","type":"DECLARED","score":"9.8","severity":"CRITICAL","vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","data":{"baseScore":9.8,"baseSeverity":"CRITICAL","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","version":"3.1"}}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/backup-backup/tags/1.3.7/includes/backup-heart.php#L62","name":"https://plugins.trac.wordpress.org/browser/backup-backup/tags/1.3.7/includes/backup-heart.php#L62","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.synacktiv.com/en/publications/php-filters-chain-what-is-it-and-how-to-use-it","name":"https://www.synacktiv.com/en/publications/php-filters-chain-what-is-it-and-how-to-use-it","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Not Applicable"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3006541%40backup-backup&new=3006541%40backup-backup&sfp_email=&sfph_mail=","name":"https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3006541%40backup-backup&new=3006541%40backup-backup&sfp_email=&sfph_mail=","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/3511ba64-56a3-43d7-8ab8-c6e40e3b686e?source=cve","name":"https://www.wordfence.com/threat-intel/vulnerabilities/id/3511ba64-56a3-43d7-8ab8-c6e40e3b686e?source=cve","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://plugins.trac.wordpress.org/browser/backup-backup/tags/1.3.7/includes/backup-heart.php#L64","name":"https://plugins.trac.wordpress.org/browser/backup-backup/tags/1.3.7/includes/backup-heart.php#L64","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://plugins.trac.wordpress.org/browser/backup-backup/tags/1.3.7/includes/backup-heart.php#L118","name":"https://plugins.trac.wordpress.org/browser/backup-backup/tags/1.3.7/includes/backup-heart.php#L118","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://plugins.trac.wordpress.org/browser/backup-backup/tags/1.3.7/includes/backup-heart.php#L38","name":"https://plugins.trac.wordpress.org/browser/backup-backup/tags/1.3.7/includes/backup-heart.php#L38","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"http://packetstormsecurity.com/files/176638/WordPress-Backup-Migration-1.3.7-Remote-Command-Execution.html","name":"http://packetstormsecurity.com/files/176638/WordPress-Backup-Migration-1.3.7-Remote-Command-Execution.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2023-6553","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-6553","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"inisev","product":"BackupBliss – Backup & Migration with Free Cloud Storage","version":"affected 1.3.7 semver","platforms":[]}],"timeline":[{"source":"CNA","time":"2023-12-11T00:00:00.000Z","lang":"en","value":"Disclosed"}],"solutions":[],"workarounds":[],"exploits":[],"credits":[{"source":"CNA","value":"Nex Team","lang":"en"}],"nvd_cpes":[{"cve_year":"2023","cve_id":"6553","vulnerable":"1","versionEndIncluding":"1.3.7","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"backupbliss","cpe5":"backup_migration","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"wordpress","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2023-6553","qid":"150763","title":"WordPress Backup Migration Plugin: Unauthenticated Remote Code Execution Vulnerability (CVE-2023-6553)"},{"cve":"CVE-2023-6553","qid":"731013","title":"WordPress Plugin Backup Migration Remote Code Execution (RCE) Vulnerability"}]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-02T08:35:14.821Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"tags":["x_transferred"],"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/3511ba64-56a3-43d7-8ab8-c6e40e3b686e?source=cve"},{"tags":["x_transferred"],"url":"https://plugins.trac.wordpress.org/browser/backup-backup/tags/1.3.7/includes/backup-heart.php#L38"},{"tags":["x_transferred"],"url":"https://plugins.trac.wordpress.org/browser/backup-backup/tags/1.3.7/includes/backup-heart.php#L62"},{"tags":["x_transferred"],"url":"https://plugins.trac.wordpress.org/browser/backup-backup/tags/1.3.7/includes/backup-heart.php#L64"},{"tags":["x_transferred"],"url":"https://plugins.trac.wordpress.org/browser/backup-backup/tags/1.3.7/includes/backup-heart.php#L118"},{"tags":["x_transferred"],"url":"https://www.synacktiv.com/en/publications/php-filters-chain-what-is-it-and-how-to-use-it"},{"tags":["x_transferred"],"url":"https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3006541%40backup-backup&new=3006541%40backup-backup&sfp_email=&sfph_mail="},{"tags":["x_transferred"],"url":"http://packetstormsecurity.com/files/176638/WordPress-Backup-Migration-1.3.7-Remote-Command-Execution.html"}],"title":"CVE Program Container"},{"metrics":[{"other":{"content":{"id":"CVE-2023-6553","options":[{"Exploitation":"poc"},{"Automatable":"yes"},{"Technical Impact":"total"}],"role":"CISA Coordinator","timestamp":"2025-05-07T20:43:39.276784Z","version":"2.0.3"},"type":"ssvc"}}],"providerMetadata":{"dateUpdated":"2025-05-07T20:43:52.691Z","orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP"},"title":"CISA ADP Vulnrichment"}],"cna":{"affected":[{"defaultStatus":"unaffected","product":"BackupBliss – Backup & Migration with Free Cloud Storage","vendor":"inisev","versions":[{"lessThanOrEqual":"1.3.7","status":"affected","version":"0","versionType":"semver"}]}],"credits":[{"lang":"en","type":"finder","value":"Nex Team"}],"descriptions":[{"lang":"en","value":"The Backup Migration plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.3.7 via the /includes/backup-heart.php file. This is due to an attacker being able to control the values passed to an include, and subsequently leverage that to achieve remote code execution. This makes it possible for unauthenticated attackers to easily execute code on the server."}],"metrics":[{"cvssV3_1":{"baseScore":9.8,"baseSeverity":"CRITICAL","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","version":"3.1"}}],"problemTypes":[{"descriptions":[{"cweId":"CWE-94","description":"CWE-94 Improper Control of Generation of Code ('Code Injection')","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2026-04-08T16:45:52.697Z","orgId":"b15e7b5b-3da4-40ae-a43c-f7aa60e62599","shortName":"Wordfence"},"references":[{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/3511ba64-56a3-43d7-8ab8-c6e40e3b686e?source=cve"},{"url":"https://plugins.trac.wordpress.org/browser/backup-backup/tags/1.3.7/includes/backup-heart.php#L38"},{"url":"https://plugins.trac.wordpress.org/browser/backup-backup/tags/1.3.7/includes/backup-heart.php#L62"},{"url":"https://plugins.trac.wordpress.org/browser/backup-backup/tags/1.3.7/includes/backup-heart.php#L64"},{"url":"https://plugins.trac.wordpress.org/browser/backup-backup/tags/1.3.7/includes/backup-heart.php#L118"},{"url":"https://www.synacktiv.com/en/publications/php-filters-chain-what-is-it-and-how-to-use-it"},{"url":"https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3006541%40backup-backup&new=3006541%40backup-backup&sfp_email=&sfph_mail="}],"timeline":[{"lang":"en","time":"2023-12-11T00:00:00.000Z","value":"Disclosed"}],"title":"Backup Migration <= 1.3.7 - Unauthenticated Remote Code Execution"}},"cveMetadata":{"assignerOrgId":"b15e7b5b-3da4-40ae-a43c-f7aa60e62599","assignerShortName":"Wordfence","cveId":"CVE-2023-6553","datePublished":"2023-12-15T10:59:46.387Z","dateReserved":"2023-12-06T12:56:43.963Z","dateUpdated":"2026-04-08T16:45:52.697Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2023-12-15 11:15:47","lastModifiedDate":"2026-04-08 18:18:37","problem_types":["CWE-94","NVD-CWE-noinfo","CWE-94 CWE-94 Improper Control of Generation of Code ('Code Injection')"],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:backupbliss:backup_migration:*:*:*:*:*:wordpress:*:*","versionEndIncluding":"1.3.7","matchCriteriaId":"58EBC3ED-E8A3-444C-ABF0-66A28658B0C7"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2023","CveId":"6553","Ordinal":"1","Title":"Backup Migration <= 1.3.7 - Unauthenticated Remote Code Executio","CVE":"CVE-2023-6553","Year":"2023"},"notes":[{"CveYear":"2023","CveId":"6553","Ordinal":"1","NoteData":"The Backup Migration plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.3.7 via the /includes/backup-heart.php file. This is due to an attacker being able to control the values passed to an include, and subsequently leverage that to achieve remote code execution. This makes it possible for unauthenticated attackers to easily execute code on the server.","Type":"Description","Title":"Backup Migration <= 1.3.7 - Unauthenticated Remote Code Executio"}]}}}