The Bears Backup plugin for WordPress is vulnerable to Remote Code Execution in all versions up

链接： https://github.com/advisories/GHSA-mr9j-vgmq-cxhq

CVSS 评分： 9.8

参考链接：

• https://nvd.nist.gov/vuln/detail/CVE-2025-5396

• https://themeforest.net/item/alone-charity-multipurpose-nonprofit-wordpress-theme/15019939

• https://www.wordfence.com/threat-intel/vulnerabilities/id/81b44abb-6d30-4930-b68b-9a04d93f5169?source=cve

• https://github.com/advisories/GHSA-mr9j-vgmq-cxhq

描述：

The Bears Backup plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.0.0. This is due to the bbackup_ajax_handle() function not having a capability check, nor validating user supplied input passed directly to call_user_func(). This makes it possible for unauthenticated attackers to execute code on the server which can be leverage to inject backdoors or create new administrative user accounts to name a few things. On WordPress sites running the Alone theme versions 7.8.4 and older, this can be chained with CVE-2025-5394 to install the Bears Backup plugin and achieve the same impact.