Vulnerabilities > Ithemes > Backupbuddy > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-02-21 CVE-2022-4897 Unspecified vulnerability in Ithemes Backupbuddy 8.5.8.0/8.7.4.1/8.7.5.0
The BackupBuddy WordPress plugin before 8.8.3 does not sanitise and escape some parameters before outputting them back in various places, leading to Reflected Cross-Site Scripting
network
low complexity
ithemes
6.1
6.1
2013-04-02 CVE-2013-2744 Information Exposure vulnerability in Ithemes Backupbuddy 2.2.25
importbuddy.php in the BackupBuddy plugin 2.2.25 for WordPress allows remote attackers to obtain configuration information via a step 0 phpinfo action, which calls the phpinfo function.
network
low complexity
ithemes wordpress CWE-200
5.0
5.0