Description
WordPress Plugin Backup, Restore and Migrate WordPress Sites With the XCloner is prone to two vulnerabilities which can be exploited by malicious people to conduct cross-site scripting attacks. Successful exploitation of this vulnerability requires that "register_globals" is enabled. WordPress Plugin Backup, Restore and Migrate WordPress Sites With the XCloner version 3.0 is vulnerable; other versions may also be affected.
Remediation
Update to plugin version 3.0.1 or latest
References
Related Vulnerabilities
WordPress Plugin Social Sharing Toolkit Cross-Site Scripting (2.1.1)
WordPress Plugin Awesome Support-WordPress HelpDesk & Support Multiple Vulnerabilities (4.3.1)
WordPress Plugin s2Member Pro 'Coupon Code' Field HTML Injection (111216)
WordPress Plugin WP Photo Album Plus 'wppa-album' Parameter SQL Injection (4.1.1)