CVE-2021-24426

CVE-2021-24426: Backup by 10Web <= 1.0.20 - Reflected Cross-Site Scripting (XSS)

Vendor Unknown
Product Backup by 10Web – Backup and Restore Plugin
Weakness CWE-79 · XSS
Published July 12, 2021
Last update August 3, 2024

CVSS base score

What the vulnerability does

01Description

The Backup by 10Web – Backup and Restore Plugin WordPress plugin through 1.0.20 does not sanitise or escape the tab parameter before outputting it back in the page, leading to a reflected Cross-Site Scripting issue

Key dates

02Disclosure timeline

July 12, 2021 CVE published
August 3, 2024 Record updated