ReportizFlow
Filtered by vendor Deliciousbrains
Subscriptions
Filtered by product Database Backup
Subscriptions
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-1577 | 1 Deliciousbrains | 1 Database Backup | 2024-11-21 | 5.4 Medium |
| The Database Backup for WordPress plugin before 2.5.2 does not have CSRF check in place when updating the schedule backup settings, which could allow an attacker to make a logged in admin change them via a CSRF attack. This could lead to cases where attackers can send backup notification emails to themselves, which contain more details. Or disable the automatic backup schedule | ||||
| CVE-2022-0255 | 1 Deliciousbrains | 1 Database Backup | 2024-11-21 | 7.2 High |
| The Database Backup for WordPress plugin before 2.5.1 does not properly sanitise and escape the fragment parameter before using it in a SQL statement in the admin dashboard, leading to a SQL injection issue | ||||
| CVE-2021-24322 | 1 Deliciousbrains | 1 Database Backup | 2024-11-21 | 5.4 Medium |
| The Database Backup for WordPress plugin before 2.4 did not escape the backup_recipient POST parameter in before output it back in the attribute of an HTML tag, leading to a Stored Cross-Site Scripting issue. | ||||
Page 1 of 1.