CVE-2021-25035

CVE-2021-25035: Backup and Staging by WP Time Capsule < 1.22.7 - Reflected Cross-Site Scripting

Vendor Unknown
Product Backup and Staging by WP Time Capsule
Weakness CWE-79 · XSS
Published January 24, 2022
Last update August 3, 2024
View on NVD All CVEs

CVSS base score

What the vulnerability does

01Description

The Backup and Staging by WP Time Capsule WordPress plugin before 1.22.7 does not sanitise and escape the error parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting

Key dates

02Disclosure timeline

January 24, 2022 CVE published
August 3, 2024 Record updated

Related vulnerabilities

04Related CVE

CVE-2024-52793 XSS vulnerability in serveDir API of @std/http/file-server on POSIX systems CVE-2024-1018 PbootCMS cross site scripting CVE-2025-63066 WordPress Porto Theme - Functionality plugin < 3.7.3 - Cross Site Scripting (XSS) vulnerability CVE-2025-8508 Portabilis i-Educar educar_avaliacao_desempenho_cad.php cross site scripting CVE-2022-34656 WordPress Poll, Survey, Questionnaire and Voting system plugin <= 1.7.4 - Authenticated Cross-Site Scripting (XSS) vulnerability