Zero-Day Vulnerability in BackupBuddy WordPress Plugin
The developer of the BackupBuddy for WordPress has released an updated version of the plugin that fixes an actively exploited directory traversal vulnerability. The flaw allows unauthenticated users to download files from vulnerable sites. The issue affects BackupBuddy versions 8.5.8.0 to 8.7.4.1. iThemes has made BackupBuddy version 8.7.5, available to all site owners “regardless of …