178 matches found
WordPress UpdraftPlus plugin cross-site scripting vulnerability
WordPress is a set of blogging platforms developed by the WordPress Foundation using the PHP language. A cross-site scripting vulnerability exists in versions of the WordPress plugin UpdraftPlus prior to 1.6.59, which stems from the fact that the WordPress plugin does not clean up its...
WordPress UpdraftPlus Backup Plugin < 1.16.59 XSS Vulnerability
The WordPress plugin Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it...
WordPress UpdraftPlus Backup Plugin < 1.16.66 XSS Vulnerability
The WordPress plugin Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it...
CVE-2021-24423
The UpdraftPlus WordPress Backup Plugin WordPress plugin before 1.6.59 does not sanitise its updraftservice settings, allowing high privilege users to set malicious JavaScript payload in it and leading to a Stored Cross-Site Scripting issue...
CVE-2021-24423
The UpdraftPlus WordPress Backup Plugin WordPress plugin before 1.6.59 does not sanitise its updraftservice settings, allowing high privilege users to set malicious JavaScript payload in it and leading to a Stored Cross-Site Scripting issue...
Cross site scripting
The UpdraftPlus WordPress Backup Plugin WordPress plugin before 1.6.59 does not sanitise its updraftservice settings, allowing high privilege users to set malicious JavaScript payload in it and leading to a Stored Cross-Site Scripting issue...
CVE-2021-24423
CVE-2021-24423 affects the UpdraftPlus WordPress Backup Plugin prior to 1.6.59. The issue arises because the plugin does not sanitize its updraft_service settings, allowing high-privilege users to inject malicious JavaScript payloads and trigger a Stored Cross-Site Scripting (XSS) vulnerability. ...
CVE-2021-24423 UpdraftPlus < 1.16.59 - Admin+ Stored Cross-Site Scripting
The UpdraftPlus WordPress Backup Plugin WordPress plugin before 1.6.59 does not sanitise its updraftservice settings, allowing high privilege users to set malicious JavaScript payload in it and leading to a Stored Cross-Site Scripting issue...
WordPress plugin 跨站脚本漏洞
WordPress is a set of blogging platforms developed by the WordPress Foundation using the PHP language. A cross-site scripting vulnerability exists in versions of the WordPress plugin UpdraftPlus prior to 1.6.59, which stems from the fact that the WordPress plugin does not clean up its...
CVE-2021-25022
The UpdraftPlus WordPress Backup Plugin WordPress plugin before 1.16.66 does not sanitise and escape the backuptimestamp and jobid parameter before outputting then back in admin pages, leading to Reflected Cross-Site Scripting issues...
CVE-2021-25022
The UpdraftPlus WordPress Backup Plugin WordPress plugin before 1.16.66 does not sanitise and escape the backuptimestamp and jobid parameter before outputting then back in admin pages, leading to Reflected Cross-Site Scripting issues...
Cross site scripting
The UpdraftPlus WordPress Backup Plugin WordPress plugin before 1.16.66 does not sanitise and escape the backuptimestamp and jobid parameter before outputting then back in admin pages, leading to Reflected Cross-Site Scripting issues...
CVE-2021-25022 UpdraftPlus < 1.16.66 - Reflected Cross-Site Scripting
The UpdraftPlus WordPress Backup Plugin WordPress plugin before 1.16.66 does not sanitise and escape the backuptimestamp and jobid parameter before outputting then back in admin pages, leading to Reflected Cross-Site Scripting issues...
CVE-2021-25022 UpdraftPlus < 1.16.66 - Reflected Cross-Site Scripting
The UpdraftPlus WordPress Backup Plugin WordPress plugin before 1.16.66 does not sanitise and escape the backuptimestamp and jobid parameter before outputting then back in admin pages, leading to Reflected Cross-Site Scripting issues...
CVE-2021-25022
The CVE-2021-25022 entry concerns the UpdraftPlus WordPress Backup Plugin prior to version 1.16.66, where backup_timestamp and job_id are not properly sanitised/escaped when echoed back in admin pages, causing Reflected Cross-Site Scripting (XSS). Affected software: UpdraftPlus WordPress Backup P...
WordPress plugin UpdraftPlus WordPress Backup 跨站脚本漏洞
WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an open source application plugin for WordPress. Cross-site scripting vulnerability exists in...
WordPress UpdraftPlus plugin <= 1.16.66 - Reflected Cross-Site Scripting (XSS) vulnerability
Reflected Cross-Site Scripting XSS vulnerability discovered by JrXnm in WordPress UpdraftPlus plugin versions = 1.16.66. Solution Update the WordPress UpdraftPlus plugin to the latest available version at least 1.16.69...
UpdraftPlus < 1.16.69 - Reflected Cross-Site Scripting
The plugin does not sanitise and escape the updraftrestore parameter before outputting it back in the Restore page, leading to a Reflected Cross-Site Scripting...
UpdraftPlus < 1.16.69 - Reflected Cross-Site Scripting
The plugin does not sanitise and escape the updraftrestore parameter before outputting it back in the Restore page, leading to a Reflected Cross-Site Scripting PoC...
WordPress UpdraftPlus plugin <= 1.16.65 - Reflected Cross-Site Scripting (XSS) vulnerability
Reflected Cross-Site Scripting XSS vulnerability discovered by Krzysztof Zając in WordPress UpdraftPlus plugin versions = 1.16.65. Solution Update the WordPress UpdraftPlus plugin to the latest available version at least 1.16.66...