WordPress Plugin Backup, Restore and Migrate WordPress Sites With the XCloner 'mosmsg' and 'option' Parameters Cross-Site Scripting Vulnerabilities (3.0)

Description

WordPress Plugin Backup, Restore and Migrate WordPress Sites With the XCloner is prone to two vulnerabilities which can be exploited by malicious people to conduct cross-site scripting attacks. Successful exploitation of this vulnerability requires that "register_globals" is enabled. WordPress Plugin Backup, Restore and Migrate WordPress Sites With the XCloner version 3.0 is vulnerable; other versions may also be affected.

Remediation

Update to plugin version 3.0.1 or latest

References

Related Vulnerabilities

Severity

High

Classification

CWE-79 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

Tags

Missing Update XSS