Cross site scripting

The UpdraftPlus WordPress Backup Plugin WordPress plugin before 1.16.66 does not sanitise and escape the backuptimestamp and jobid parameter before outputting then back in admin pages, leading to Reflected Cross-Site Scripting issues...

CVE-2021-25022 UpdraftPlus < 1.16.66 - Reflected Cross-Site Scripting

The UpdraftPlus WordPress Backup Plugin WordPress plugin before 1.16.66 does not sanitise and escape the backuptimestamp and jobid parameter before outputting then back in admin pages, leading to Reflected Cross-Site Scripting issues...

CVE-2021-25022 UpdraftPlus < 1.16.66 - Reflected Cross-Site Scripting

The UpdraftPlus WordPress Backup Plugin WordPress plugin before 1.16.66 does not sanitise and escape the backuptimestamp and jobid parameter before outputting then back in admin pages, leading to Reflected Cross-Site Scripting issues...

CVE-2021-25022

The CVE-2021-25022 entry concerns the UpdraftPlus WordPress Backup Plugin prior to version 1.16.66, where backup_timestamp and job_id are not properly sanitised/escaped when echoed back in admin pages, causing Reflected Cross-Site Scripting (XSS). Affected software: UpdraftPlus WordPress Backup P...

WordPress plugin UpdraftPlus WordPress Backup 跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an open source application plugin for WordPress. Cross-site scripting vulnerability exists in...

WordPress UpdraftPlus plugin <= 1.16.66 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by JrXnm in WordPress UpdraftPlus plugin versions = 1.16.66. Solution Update the WordPress UpdraftPlus plugin to the latest available version at least 1.16.69...

UpdraftPlus < 1.16.69 - Reflected Cross-Site Scripting

The plugin does not sanitise and escape the updraftrestore parameter before outputting it back in the Restore page, leading to a Reflected Cross-Site Scripting...

UpdraftPlus < 1.16.69 - Reflected Cross-Site Scripting

The plugin does not sanitise and escape the updraftrestore parameter before outputting it back in the Restore page, leading to a Reflected Cross-Site Scripting PoC...

WordPress UpdraftPlus plugin <= 1.16.65 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by Krzysztof Zając in WordPress UpdraftPlus plugin versions = 1.16.65. Solution Update the WordPress UpdraftPlus plugin to the latest available version at least 1.16.66...

UpdraftPlus < 1.16.66 - Reflected Cross-Site Scripting

The plugin does not sanitise and escape the backuptimestamp and jobid parameter before outputting then back in admin pages, leading to Reflected Cross-Site Scripting issues PoC...

UpdraftPlus < 1.16.66 - Reflected Cross-Site Scripting

The plugin does not sanitise and escape the backuptimestamp and jobid parameter before outputting then back in admin pages, leading to Reflected Cross-Site Scripting issues...

WordPress UpdraftPlus plugin <= 1.16.58 - Local File Inclusion (LFI) vulnerability

Local File Inclusion LFI vulnerability discovered by WPScanTeam in WordPress UpdraftPlus plugin versions = 1.16.58. Solution Update the WordPress UpdraftPlus plugin to the latest available version at least 1.16.59...

WordPress updraftplus plugin cross-site scripting vulnerability (CNVD-2019-30397)

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. updraftplus is a WordPress backup, restore, and clone plugin used in it. A cross-site scripting vulnerability exists in the WordPress...

WordPress updraftplus plugin cross-site scripting vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. updraftplus is a WordPress backup, restore, and clone plugin used in it. A cross-site scripting vulnerability exists in WordPress...

CVE-2017-18593

The updraftplus plugin before 1.13.5 for WordPress has XSS in rare cases where an attacker controls a string logged to a log file...

CVE-2017-18593

The updraftplus plugin before 1.13.5 for WordPress has XSS in rare cases where an attacker controls a string logged to a log file...

CVE-2015-9360

The updraftplus plugin before 1.9.64 for WordPress has XSS via addqueryarg and removequeryarg...

Design/Logic Flaw

The updraftplus plugin before 1.9.64 for WordPress has XSS via addqueryarg and removequeryarg...

CVE-2015-9360

The CVE covers the UpdraftPlus WordPress backup plugin. Affected: UpdraftPlus plugin before version 1.9.64. Vulnerability: XSS via add_query_arg() and remove_query_arg(). Root cause: improper handling of query arguments enabling client-side script injection. Impact: cross-site scripting accessibl...

CVE-2015-9360

The updraftplus plugin before 1.9.64 for WordPress has XSS via addqueryarg and removequeryarg...