3 matches found
CVE-2021-24155
The CVE-2021-24155 vulnerability affects WordPress Backup Guard plugin prior to 1.6.0. The authenticated arbitrary file upload flaw does not validate that imported files are in the SGBP format/extension, enabling high-privilege (admin+) users to upload arbitrary files, including PHP, and potentia...
CVE-2017-10837
The CVE-2017-10837 entry affects the WordPress BackupGuard plugin prior to version 1.1.47. The vulnerability is a cross-site scripting (XSS) flaw that allows an attacker to inject arbitrary web script or HTML via unspecified vectors, potentially enabling script execution in a logged-in user’s bro...
CVE-2017-18488
CVE-2017-18488 affects the Backup Guard WordPress plugin, with multiple XSS issues reported in versions prior to 1.1.47. The connected documents confirm the existence of XSS in this plugin, but do not provide technical details about the exact vulnerable component, root cause, impact specifics, ex...