8.7.5.0

CVSS 6.1 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

LOW

Integrity impact

LOW

Availability impact

NONE

network

low complexity

ithemes

NVD

Published: 2023-02-21

Updated: 2023-11-07

Summary

The BackupBuddy WordPress plugin before 8.8.3 does not sanitise and escape some parameters before outputting them back in various places, leading to Reflected Cross-Site Scripting

Vulnerable Configurations

Part	Description	Count
Application	Ithemes Ithemes Backupbuddy - Ithemes Backupbuddy 8.5.8.0 Ithemes Backupbuddy 8.7.4.1 Ithemes Backupbuddy 8.7.5.0	4

References

https://wpscan.com/vulnerability/7b0eeafe-b9bc-43b2-8487-a23d3960f73f