Lucene search
JrXnmWPVDB-ID:5ADB977E-F7BF-4D36-B625-87BC23D379C8HistoryDec 28, 2021 - 12:00 a.m.
UpdraftPlus < 1.16.69 - Reflected Cross-Site Scripting
2021-12-2800:00:00
JrXnm
wpscan.com
10
0.001 Low
EPSS
Percentile
40.2%
The plugin does not sanitise and escape the updraft_restore parameter before outputting it back in the Restore page, leading to a Reflected Cross-Site Scripting
PoC
| CPE | Name | Operator | Version |
|---|---|---|---|
| updraftplus | lt | 1.16.69 |
Related
cvelist
cvelist
CVE-2021-25089 UpdraftPlus < 1.16.69 - Reflected Cross-Site Scripting
2022-02-01 12:21:37
patchstack
patchstack
nvd
nvd
CVE-2021-25089
2022-02-01 13:15:09
prion
prion
Cross site scripting
2022-02-01 13:15:00
cve
cve
CVE-2021-25089
2022-02-01 13:15:09
cnvd
cnvd
openvas
openvas
WordPress UpdraftPlus Backup Plugin < 1.16.69 XSS Vulnerability
2022-02-08 00:00:00
wpexploit
wpexploit
UpdraftPlus < 1.16.69 - Reflected Cross-Site Scripting
2021-12-28 00:00:00