SERVER-WEBAPP -- Snort has detected traffic exploiting vulnerabilities in web-based applications on servers.
SERVER-WEBAPP Wordpress WP Database Backup plug-in command injection attempt
This rule looks for command injection characters in the vulnerable parameters of the 'WP Database Backup' WordPress plug-in.
What To Look For
This rule alerts when an attempted command injection against the 'WP Database Backup' plug-in for WordPress is detected.
No public information
No known false positives
Cisco Talos Intelligence Group
MITRE ATT&CK Framework
Tactic: Initial Access
Technique: Exploit Public-Facing Application
For reference, see the MITRE ATT&CK vulnerability types here:
Command injection attacks target applications that allow unsafe user-supplied input. Attackers transmit this input via forms, cookies, HTTP headers, etc. and exploit the application's permissions to execute system commands without injecting code.
CVE Additional Information