3 matches found
UpdraftPlus < 1.22.9 - Cross-Site Scripting
The plugin does not sanitise and escape the updraftinterval parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting XSS vulnerability. id: CVE-2022-0864 info: name: UpdraftPlus 1.22.9 - Cross-Site Scripting author: DhiyaneshDk severity: medium description...
WordPress UpdraftPlus Plugin < 1.22.9 - Reflected Cross-Site Scripting Vulnerability
Tittle: WordPress Plugin UpdraftPlus confirm1 Classification Type XSS OWASP top 10 A7: Cross-Site Scripting XSS CWE-79 wpScan: https://wpscan.com/vulnerability/7337543f-4c2c-4365-aebf-3423e9d2f872...
CVE-2022-0864
CVE-2022-0864 affects the WordPress plugin UpdraftPlus WordPress Backup Plugin, pre-1.22.9. The vulnerability is a reflected Cross-Site Scripting (XSS) in the admin page caused by failure to sanitize/escape the updraft_interval parameter before output. Impact is XSS exposure via the admin interfa...