Update the WordPress UpdraftPlus plugin to the latest available version (at least 1.22.3).
Marc-Alexandre Montpas (Automattic) discovered and reported this Arbitrary File Download vulnerability in WordPress UpdraftPlus Plugin. This could allow a malicious actor to download any file from your website. This includes but is not limited to files that contain login credentials or backup files. This vulnerability has been fixed in version 1.22.3.
Reflected CrossSite Scripting (XSS) vulnerability
4.8
10.03.2022
Reflected CrossSite Scripting (XSS) vulnerability
4.8
28.12.2021
Reflected CrossSite Scripting (XSS) vulnerability
4.8
06.12.2021
Local File Inclusion (LFI) vulnerability
4.9
12.07.2021
Cross Site Scripting
20.04.2015
Successfully submit vulnerabilities and receive an invite to our Alliance platform.
Learn more
Close
UpdraftPlus
LinkedIn
Facebook
Twitter
Join Discord
