WordPress Plugin Vulnerabilities

Beefbind - BeEF RCE Plugin

Description

The presence of this plugin indicates that an XSS attack was performed and successful. RCE can be obtained via this plugin.

Affects Plugins

Plugin icon
beefbind
No known fix

References

URL
https://github.com/beefproject/beef/tree/master/modules/misc/wordpress_post_auth_rce

Miscellaneous

Verified
Yes
WPVDB ID
929d9656-1841-4142-af1c-ca74dd876aea

Timeline

Publicly Published
2014-07-29 (about 11 years ago)
Added
2019-10-26 (about 6 years ago)
Last Updated
2019-11-28 (about 6 years ago)

Other

Published
Title
Published
2020-02-27
Title
wpdefault - Backdoor Plugin
Published
2017-12-19
Title
Captcha 4.3.6–4.4.4 - Backdoored
Published
2017-12-28
Title
No Follow All External Links 2.1.0-2.3.0 (current) - Backdoored
Published
2017-09-10
Title
Display Widgets 2.6.0-2.6.3.1 - Backdoored
Published
2017-12-28
Title
WP No External Links 4.2.1-4.2.2 - Backdoored