Description
WordPress Plugin UpdraftPlus WordPress Backup is prone to a privilege escalation vulnerability. Exploiting this issue may allow attackers to bypass the expected capabilities check and perform otherwise restricted actions; other attacks are also possible. WordPress Plugin UpdraftPlus WordPress Backup versions from 1.22.14 and up to 1.23.2 are vulnerable.
Remediation
Update to plugin version 1.23.3 or latest
References
Related Vulnerabilities
WordPress URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2018-10100)
WordPress Plugin Email newsletter 'option' Parameter Information Disclosure (8.0)
WordPress Plugin Quiz Tool Lite Multiple Cross-Site Scripting Vulnerabilities (2.3.15)
WordPress Plugin SEO Redirection-301 Redirect Manager Cross-Site Request Forgery (7.8)