exploitDog

GHSA-jjh4-9fxq-rj65

Опубликовано: 04 янв. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 6.1

Описание

The UpdraftPlus WordPress Backup Plugin WordPress plugin before 1.16.66 does not sanitise and escape the backup_timestamp and job_id parameter before outputting then back in admin pages, leading to Reflected Cross-Site Scripting issues

The UpdraftPlus WordPress Backup Plugin WordPress plugin before 1.16.66 does not sanitise and escape the backup_timestamp and job_id parameter before outputting then back in admin pages, leading to Reflected Cross-Site Scripting issues

Ссылки

EPSS

Процентиль: 50%

0.00269

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2021-25022

CVSS3: 6.1

nvd

около 4 лет назад

The UpdraftPlus WordPress Backup Plugin WordPress plugin before 1.16.66 does not sanitise and escape the backup_timestamp and job_id parameter before outputting then back in admin pages, leading to Reflected Cross-Site Scripting issues

EPSS

Процентиль: 50%

0.00269

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79