Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in JetBackup JetBackup โ WP Backup, Migrate & Restore plugin <= 1.6.9.0...
4.8CVSS
5.2AI Score
0.001EPSS
The WordPress Backup and Migrate Plugin โ Backup Guard WordPress plugin before 1.6.0 did not ensure that the imported files are of the SGBP format and extension, allowing high privilege users (admin+) to upload arbitrary files, including PHP ones, leading to...
7.2CVSS
7AI Score
0.963EPSS
6.1CVSS
6.1AI Score
0.001EPSS
Cross-site scripting vulnerability in BackupGuard prior to version 1.1.47 allows an attacker to inject arbitrary web script or HTML via unspecified...
6.1CVSS
5.9AI Score
0.001EPSS