WP Database Backup – Unlimited Database & Files Backup by Backup for WP, CVE-2022-2271

CVE, Research URL: CVE-2022-2271
Home page URL: Security reports for WP Database Backup – Unlimited Database & Files Backup by Backup for WP
Application: WP Database Backup – Unlimited Database & Files Backup by Backup for WP
Published on: Sep 05, 2022
Research Description: The WP Database Backup WordPress plugin before 5.9 does not escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed (for example in multisite setup)
Affected versions: max 5.9.
Status: vulnerable

WP Database Backup &#8211; Unlimited Database &amp; Files Backup by Backup for WP, CVE-2022-2271