CVE-2022-34148: XSS
First published: Wed Mar 15 2023(Updated: )
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in JetBackup JetBackup – WP Backup, Migrate & Restore plugin <= 1.6.9.0 versions.
Credit: audit@patchstack.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Jetbackup Jetbackup | <=1.6.9.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2022-34148?
CVE-2022-34148 is an improper neutralization of input during web page generation (cross-site scripting) vulnerability in the JetBackup plugin for WordPress.
How does the CVE-2022-34148 vulnerability occur?
The CVE-2022-34148 vulnerability occurs due to improper neutralization of user-controlled input, which allows an attacker to inject malicious scripts into web pages viewed by other users.
What is the severity of CVE-2022-34148?
The severity of CVE-2022-34148 is medium, with a severity value of 4.8.
Which versions of the JetBackup plugin are affected by CVE-2022-34148?
The JetBackup plugin versions <= 1.6.9.0 are affected by CVE-2022-34148.
How can I fix the CVE-2022-34148 vulnerability?
To fix the CVE-2022-34148 vulnerability, it is recommended to update the JetBackup plugin to a version higher than 1.6.9.0.
- collector/nvd-index
- vendor/jetbackup
- canonical/jetbackup jetbackup
- version/jetbackup jetbackup/1.6.9.0