2 matches found
CVE-2021-24423
CVE-2021-24423 affects the UpdraftPlus WordPress Backup Plugin prior to 1.6.59. The issue arises because the plugin does not sanitize its updraft_service settings, allowing high-privilege users to inject malicious JavaScript payloads and trigger a Stored Cross-Site Scripting (XSS) vulnerability. ...
CVE-2021-24423 UpdraftPlus < 1.16.59 - Admin+ Stored Cross-Site Scripting
The UpdraftPlus WordPress Backup Plugin WordPress plugin before 1.6.59 does not sanitise its updraftservice settings, allowing high privilege users to set malicious JavaScript payload in it and leading to a Stored Cross-Site Scripting issue...