CVSS 3.1 Score 7.2 of 10 (high)


Published Dec 23, 2023
Updated: Dec 29, 2023


CVE-2023-7002 is a vulnerability found in the Backup Migration plugin for WordPress, affecting all versions up to and including 1.3.9. The vulnerability allows authenticated attackers with administrator-level permissions or above to execute arbitrary commands on the host operating system through the 'url' parameter. This poses a high risk to organizations as it can lead to unauthorized access and control of the affected systems. To remediate this vulnerability, users should update their WordPress installations to the latest version of the Backup Migration plugin, which includes a fix for this issue.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-7002 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options