Lucene search
China National Vulnerability DatabaseCNVD-2022-09990HistoryFeb 10, 2022 - 12:00 a.m.
WordPress UpdraftPlus WordPress Backup plugin cross-site scripting vulnerability
2022-02-1000:00:00
China National Vulnerability Database
www.cnvd.org.cn
5
0.001 Low
EPSS
Percentile
40.4%
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. A cross-site scripting vulnerability exists in the WordPress UpdraftPlus Backup Plugin in versions prior to 1.16.69. The vulnerability stems from the failure to escape the updraft_restore parameter and can be exploited by attackers to The vulnerability is caused by the lack of escaping the updraft_restore parameter, which can be exploited to execute JavaScript code on the client side.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress updraftplus backup plugin | lt | 1.16.69 |
Related
cvelist
cvelist
CVE-2021-25089 UpdraftPlus < 1.16.69 - Reflected Cross-Site Scripting
2022-02-01 12:21:37
openvas
openvas
WordPress UpdraftPlus Backup Plugin < 1.16.69 XSS Vulnerability
2022-02-08 00:00:00
wpvulndb
wpvulndb
UpdraftPlus < 1.16.69 - Reflected Cross-Site Scripting
2021-12-28 00:00:00
wpexploit
wpexploit
UpdraftPlus < 1.16.69 - Reflected Cross-Site Scripting
2021-12-28 00:00:00
patchstack
patchstack
nvd
nvd
CVE-2021-25089
2022-02-01 13:15:09
prion
prion
Cross site scripting
2022-02-01 13:15:00
cve
cve
CVE-2021-25089
2022-02-01 13:15:09