CVE-2023-32960

Summary

Cross-Site Request Forgery (CSRF) vulnerability in UpdraftPlus.Com, DavidAnderson UpdraftPlus WordPress Backup Plugin <= 1.23.3 versions leads to sitewide Cross-Site Scripting (XSS).

Affected Software

VendorProductVersion RangeStatus
UpdraftPlus.Com, DavidAndersonUpdraftPlus WordPress Backup Pluginn/a <= 1.23.3affected

Weaknesses

  • CWE-352: CWE-352 Cross-Site Request Forgery (CSRF)

ADP Enrichment

CVE Program Container

Additional References

References