First published: Wed Aug 28 2019(Updated: )
The updraftplus plugin before 1.9.64 for WordPress has XSS via add_query_arg() and remove_query_arg().
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Updraftplus Updraftplus | <1.9.64 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this issue is CVE-2015-9360.
The affected software is the updraftplus plugin before version 1.9.64 for WordPress.
CVE-2015-9360 has a severity rating of 6.1 (medium).
The CWE ID for this vulnerability is CWE-79.
To fix this vulnerability, update the updraftplus plugin to version 1.9.64 or later.