CVE-2020-35948

CRITICAL

Xcloner < 4.2.13 - Incorrect Authorization

Title source: rule

Description

An issue was discovered in the XCloner Backup and Restore plugin before 4.2.13 for WordPress. It gave authenticated attackers the ability to modify arbitrary files, including PHP files. Doing so would allow an attacker to achieve remote code execution. The xcloner_restore.php write_file_action could overwrite wp-config.php, for example. Alternatively, an attacker could create an exploit chain to obtain a database dump.

Exploits (1)

exploitdb WORKING POC

by Ron Jost · pythonwebappsphp

https://www.exploit-db.com/exploits/50077

View Code ZIP pw:eip

References (4)

[Third Party Advisory, VDB Entry] http://packetstormsecurity.com/files/163336/WordPress-XCloner-4.2.12-Remote-Code-Execution.html

[Exploit, Third Party Advisory] https://github.com/Hacker5preme/Exploits/tree/main/Wordpress/CVE-2020-35948

[Exploit, Third Party Advisory] https://wpscan.com/vulnerability/10412

[Exploit, Third Party Advisory] https://www.wordfence.com/blog/2020/09/critical-vulnerabilities-patched-in-xcloner-backup-and-restore-plugin/

Scores

CVSS v3 9.9

EPSS 0.4941

EPSS Percentile 97.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Details

CWE

CWE-863

Status published

Products (1)

xcloner/xcloner 4.2.1 - 4.2.13

Published Jan 01, 2021

Tracked Since Feb 18, 2026