CVE-2023-32960

Cross-Site Request Forgery CSRF vulnerability in UpdraftPlus.Com, DavidAnderson UpdraftPlus WordPress Backup Plugin = 1.23.3 versions leads to sitewide Cross-Site Scripting XSS...

CVE-2023-32960

CVE-2023-32960 affects the WordPress UpdraftPlus Backup Plugin prior to or up to version 1.23.3. The vulnerability is a CSRF that enables sitewide XSS when exploited by a logged-in user or via crafted requests, as described in multiple sources. The OpenVAS advisory notes a fix path at 1.23.4, whi...