Vulnerabilities

CVE-2021-25022

by Fred · 03/01/2022

The UpdraftPlus WordPress Backup Plugin WordPress plugin before 1.16.66 does not sanitise and escape the backup_timestamp and job_id parameter before outputting then back in admin pages, leading to Reflected Cross-Site Scripting issues

Date published : 2022-01-03

https://plugins.trac.wordpress.org/changeset/2635585/updraftplus

https://plugins.trac.wordpress.org/changeset/2637112/updraftplus

Similar

Tags: Cybersecurity Alert