CVE-2021-25035

Summary

The Backup and Staging by WP Time Capsule WordPress plugin before 1.22.7 does not sanitise and escape the error parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting

Affected Software

VendorProductVersion RangeStatus
UnknownBackup and Staging by WP Time Capsule1.22.7 < 1.22.7affected

Weaknesses

  • CWE-79: CWE-79 Cross-site Scripting (XSS)

ADP Enrichment

CVE Program Container

Additional References

References