A cross-site scripting (XSS) vulnerability was discovered in UpdraftPlus versions prior to 1.24.9. This vulnerability allows an attacker to inject malicious scripts through improperly sanitized input, potentially leading to session hijacking, data theft, or other malicious actions.

This vulnerability affects the following application versions:

  • UpdraftPlus: WordPress Backup & Migration Plugin 1.23.13
  • UpdraftPlus: WordPress Backup & Migration Plugin 1.23.15
  • UpdraftPlus: WordPress Backup & Migration Plugin 1.23.16
  • UpdraftPlus: WordPress Backup & Migration Plugin 1.24.1
  • UpdraftPlus: WordPress Backup & Migration Plugin 1.24.2
  • UpdraftPlus: WordPress Backup & Migration Plugin 1.24.3
  • UpdraftPlus: WordPress Backup & Migration Plugin 1.24.4
  • UpdraftPlus: WordPress Backup & Migration Plugin 1.24.5
  • UpdraftPlus: WordPress Backup & Migration Plugin 1.24.6
  • UpdraftPlus: WordPress Backup & Migration Plugin 1.24.7

Skriv et svar

Din e-mailadresse vil ikke blive publiceret. Krævede felter er markeret med *