WordPress Plugin Vulnerabilities

WordPress Backup to Dropbox 4.0 - Reflected XSS

Description

The wordpress-backup-to-dropbox WordPress plugin was affected by a Reflected XSS security vulnerability.

Affects Plugins

Plugin icon
wordpress-backup-to-dropbox
Fixed in 4.1

References

CVE
CVE-2014-9310
URL
https://security.szurek.pl/wordpress-backup-to-dropbox-40-reflected-xss.html

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79
CVSS
6.1 (medium)

Miscellaneous

Submitter
pvdl
Verified
No
WPVDB ID
6950efcf-38c4-4b33-90f1-4fa6dc4c2820

Timeline

Publicly Published
2014-12-22 (about 11 years ago)
Added
2015-06-02 (about 10 years ago)
Last Updated
2020-09-22 (about 5 years ago)

Other

Published
Title
Published
2026-04-27
Title
Social Post Embed < 2.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Threads Embed
Published
2025-03-24
Title
DesignThemes Core Features <= 4.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
Published
2026-01-09
Title
Stylish Cost Calculator < 8.3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
Published
2020-01-28
Title
SAML SP Single Sign On < 4.8.84 - Cross-Site Scripting (XSS) via Crafted SAML XML Response
Published
2024-11-08
Title
OS Pricing Tables <= 1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting