WordPress UpdraftPlus Backup Plugin < 1.16.69 XSS Vulnerability

The WordPress plugin Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it...

CVE-2021-25089

The UpdraftPlus WordPress Backup Plugin WordPress plugin before 1.16.69 does not sanitise and escape the updraftrestore parameter before outputting it back in the Restore page, leading to a Reflected Cross-Site Scripting...

CVE-2021-25089

The UpdraftPlus WordPress Backup Plugin WordPress plugin before 1.16.69 does not sanitise and escape the updraftrestore parameter before outputting it back in the Restore page, leading to a Reflected Cross-Site Scripting...

CVE-2021-25089

CVE-2021-25089 affects the UpdraftPlus WordPress Backup Plugin prior to version 1.16.69. The vulnerability arises from failing to sanitize and escape the updraft_restore parameter before it is echoed back on the Restore page, resulting in a Reflected Cross-Site Scripting (XSS) . Impact described ...

CVE-2021-25089 UpdraftPlus < 1.16.69 - Reflected Cross-Site Scripting

The UpdraftPlus WordPress Backup Plugin WordPress plugin before 1.16.69 does not sanitise and escape the updraftrestore parameter before outputting it back in the Restore page, leading to a Reflected Cross-Site Scripting...

WordPress plugin跨站脚本漏洞

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. A cross-site scripting vulnerability exists in the WordPress UpdraftPlus Backup Plugin in versions prior to 1.16.69. The vulnerability stems from the failure to escape the updraftrestore parameter and c...

WordPress UpdraftPlus plugin cross-site scripting vulnerability

WordPress is a set of blogging platforms developed by the WordPress Foundation using the PHP language. A cross-site scripting vulnerability exists in versions of the WordPress plugin UpdraftPlus prior to 1.6.59, which stems from the fact that the WordPress plugin does not clean up its...

WordPress UpdraftPlus Backup Plugin < 1.16.59 XSS Vulnerability

The WordPress plugin Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it...

WordPress UpdraftPlus Backup Plugin < 1.16.66 XSS Vulnerability

The WordPress plugin Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it...

CVE-2021-24423

The UpdraftPlus WordPress Backup Plugin WordPress plugin before 1.6.59 does not sanitise its updraftservice settings, allowing high privilege users to set malicious JavaScript payload in it and leading to a Stored Cross-Site Scripting issue...

CVE-2021-24423

The UpdraftPlus WordPress Backup Plugin WordPress plugin before 1.6.59 does not sanitise its updraftservice settings, allowing high privilege users to set malicious JavaScript payload in it and leading to a Stored Cross-Site Scripting issue...

Cross site scripting

The UpdraftPlus WordPress Backup Plugin WordPress plugin before 1.6.59 does not sanitise its updraftservice settings, allowing high privilege users to set malicious JavaScript payload in it and leading to a Stored Cross-Site Scripting issue...

CVE-2021-24423

CVE-2021-24423 affects the UpdraftPlus WordPress Backup Plugin prior to 1.6.59. The issue arises because the plugin does not sanitize its updraft_service settings, allowing high-privilege users to inject malicious JavaScript payloads and trigger a Stored Cross-Site Scripting (XSS) vulnerability. ...

CVE-2021-24423 UpdraftPlus < 1.16.59 - Admin+ Stored Cross-Site Scripting

The UpdraftPlus WordPress Backup Plugin WordPress plugin before 1.6.59 does not sanitise its updraftservice settings, allowing high privilege users to set malicious JavaScript payload in it and leading to a Stored Cross-Site Scripting issue...

WordPress plugin 跨站脚本漏洞

WordPress is a set of blogging platforms developed by the WordPress Foundation using the PHP language. A cross-site scripting vulnerability exists in versions of the WordPress plugin UpdraftPlus prior to 1.6.59, which stems from the fact that the WordPress plugin does not clean up its...

CVE-2021-25022

The UpdraftPlus WordPress Backup Plugin WordPress plugin before 1.16.66 does not sanitise and escape the backuptimestamp and jobid parameter before outputting then back in admin pages, leading to Reflected Cross-Site Scripting issues...

CVE-2021-25022

The UpdraftPlus WordPress Backup Plugin WordPress plugin before 1.16.66 does not sanitise and escape the backuptimestamp and jobid parameter before outputting then back in admin pages, leading to Reflected Cross-Site Scripting issues...

Cross site scripting

The UpdraftPlus WordPress Backup Plugin WordPress plugin before 1.16.66 does not sanitise and escape the backuptimestamp and jobid parameter before outputting then back in admin pages, leading to Reflected Cross-Site Scripting issues...

CVE-2021-25022 UpdraftPlus < 1.16.66 - Reflected Cross-Site Scripting

The UpdraftPlus WordPress Backup Plugin WordPress plugin before 1.16.66 does not sanitise and escape the backuptimestamp and jobid parameter before outputting then back in admin pages, leading to Reflected Cross-Site Scripting issues...

CVE-2021-25022 UpdraftPlus < 1.16.66 - Reflected Cross-Site Scripting

The UpdraftPlus WordPress Backup Plugin WordPress plugin before 1.16.66 does not sanitise and escape the backuptimestamp and jobid parameter before outputting then back in admin pages, leading to Reflected Cross-Site Scripting issues...