CVE-2021-25035

The Backup and Staging by WP Time Capsule WordPress plugin before 1.22.7 does not sanitise and escape the error parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting...

CVE-2021-25035

The Backup and Staging by WP Time Capsule WordPress plugin before 1.22.7 does not sanitise and escape the error parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting...

CVE-2021-25035 Backup and Staging by WP Time Capsule < 1.22.7 - Reflected Cross-Site Scripting

The Backup and Staging by WP Time Capsule WordPress plugin before 1.22.7 does not sanitise and escape the error parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting...

CVE-2021-25035

CVE-2021-25035 affects the WordPress plugin “Backup and Staging by WP Time Capsule” (versions before 1.22.7). The issue is caused by insufficient sanitization/escaping of the error parameter when it is output on an admin page, resulting in a reflected XSS. Several sources (NVD, CVE List, Red Hat,...