CVE-2022-0531

CVE-2022-0531: WPvivid Backup and Migration Plugin < 0.9.70 - Reflected Cross-Site Scripting

Vendor Unknown

Product Migration, Backup, Staging – WPvivid

Weakness CWE-79 · XSS

Published April 11, 2022

Last update August 2, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

The Migration, Backup, Staging WordPress plugin before 0.9.70 does not sanitise and escape the sub_page parameter before outputting it back in the page, leading to a reflected Cross-Site Scripting

Key dates

02Disclosure timeline

April 11, 2022 CVE published

August 2, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2022-0531 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/79.html

Related vulnerabilities

04Related CVE

CVE-2023-1081 Cross-site Scripting (XSS) - Stored in microweber/microweber CVE-2024-11095 Visualmodo Elements <= 1.0.2 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload CVE-2018-0450 Cisco Data Center Network Manager Cross-Site Scripting Vulnerability CVE-2026-27262 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) CVE-2015-10120 WDS Multisite Aggregate Plugin WDS_Multisite_Aggregate_Options.php update_options cross site scripting