First published: Wed Mar 15 2023(Updated: )
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in JetBackup JetBackup – WP Backup, Migrate & Restore plugin <= 1.6.9.0 versions.
Credit: audit@patchstack.com
Affected Software | Affected Version | How to fix |
---|---|---|
Jetbackup Jetbackup | <=1.6.9.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-34148 is an improper neutralization of input during web page generation (cross-site scripting) vulnerability in the JetBackup plugin for WordPress.
The CVE-2022-34148 vulnerability occurs due to improper neutralization of user-controlled input, which allows an attacker to inject malicious scripts into web pages viewed by other users.
The severity of CVE-2022-34148 is medium, with a severity value of 4.8.
The JetBackup plugin versions <= 1.6.9.0 are affected by CVE-2022-34148.
To fix the CVE-2022-34148 vulnerability, it is recommended to update the JetBackup plugin to a version higher than 1.6.9.0.