WordPress Keep Backup Daily plugin <= 2.0.2 - Reflected Cross-Site Scripting (XSS) vulnerability
Vulnerable versions
<= 2.0.2
PSID
1e6425bdc948
Classification
Cross Site Scripting (XSS)
OWASP Top 10
A7: Cross-Site Scripting (XSS)
Required privilege
Publicly disclosed
2022-05-23
Patchstack vPatch available since
09.12.2021
Details
Reflected Cross-Site Scripting (XSS) vulnerability discovered by Eduardo Estevao de Oliveira Azevedo in WordPress Keep Backup Daily plugin (versions <= 2.0.2).
Solution
Update the WordPress Keep Backup Daily plugin to the latest available version (at least 2.0.3).
References
CVE-2022-1820
Vulnerability details
Plugin changelog