1 results (0.002 seconds)
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2021-25035 – Backup and Staging by WP Time Capsule < 1.22.7 - Reflected Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2021-25035
The Backup and Staging by WP Time Capsule WordPress plugin before 1.22.7 does not sanitise and escape the error parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting El plugin Backup and Staging by WP Time Capsule de WordPress versiones anteriores a 1.22.7, no comprueba ni escapa del parámetro error antes de devolverlo a una página de administración, conllevando a un problema de tipo Cross-Site Scripting Reflejado • https://plugins.trac.wordpress.org/changeset/2641264 https://wpscan.com/vulnerability/f426360e-5ba0-4d6b-bfd4-61bc54be3469 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •