RSS   Podatności dla 'Database backup'   RSS

2022-06-08
 
CVE-2022-1577

CWE-352
 

 
The Database Backup for WordPress plugin before 2.5.2 does not have CSRF check in place when updating the schedule backup settings, which could allow an attacker to make a logged in admin change them via a CSRF attack. This could lead to cases where attackers can send backup notification emails to themselves, which contain more details. Or disable the automatic backup schedule

 
2022-02-21
 
CVE-2022-0255

CWE-89
 

 
The Database Backup for WordPress plugin before 2.5.1 does not properly sanitise and escape the fragment parameter before using it in a SQL statement in the admin dashboard, leading to a SQL injection issue

 

 >>> Vendor: Deliciousbrains 2 Produkty
Wp offload ses lite
Database backup


Copyright 2024, cxsecurity.com

 

Back to Top