cleantalk
Vulnerabilities and Security Researches

Backup, Restore and Migrate WordPress Sites With the XCloner Plugin, CVE-2015-4337

CVE, Research URL

CVE-2015-4337

Home page URL

Security reports for Backup, Restore and Migrate WordPress Sites With the XCloner Plugin

Application

Backup, Restore and Migrate WordPress Sites With the XCloner Plugin

Published on
Jun 17, 2015
Research Description
Cross-site scripting (XSS) vulnerability in the XCloner plugin 3.1.2 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the excl_manual parameter in the xcloner_show page to wpadmin/plugins.php.
Affected versions
Min -, max 3.1.3.
Status
vulnerable
Previous vulnerability researches
Backup, Restore and Migrate WordPress Sites With the XCloner Plugin (CVE-2014-8605) , Jun 06, 2024
Backup, Restore and Migrate WordPress Sites With the XCloner Plugin (CVE-2014-8603) , Jun 06, 2024
Backup, Restore and Migrate WordPress Sites With the XCloner Plugin (CVE-2015-4336) , Jun 06, 2024
Backup, Restore and Migrate WordPress Sites With the XCloner Plugin (CVE-2015-4338) , Jun 06, 2024
Backup, Restore and Migrate WordPress Sites With the XCloner Plugin (CVE-2014-2340) , Jun 06, 2024
New vulnerability
Contact Us Page – Contact People (CVE-2025-28967) , Jul 07, 2025
WP fancybox (CVE-2025-26591) , Jul 07, 2025
Click & Pledge Connect Plugin (CVE-2025-28983) , Jul 07, 2025
Posts Slider Shortcode (CVE-2025-30943) , Jul 07, 2025
Leyka (CVE-2025-52805) , Jul 07, 2025