Medium severity6.1NVD Advisory· Published Jun 7, 2017· Updated May 13, 2026No known patch

CVE-2014-9310

No known patch is available for this vulnerability.

The affected plugin has been removed from the WordPress.org directory (reason: Guideline Violation), and no patched version is being distributed through the official directory. If you have the affected software installed, you should uninstall or replace it rather than wait for an update.

CVE-2014-9310

Description

Cross-site scripting (XSS) vulnerability in the WordPress Backup to Dropbox plugin before 4.1 for WordPress.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Wordpress Backup To Dropbox Project/Wordpress Backup To Dropbox2 versions
cpe:2.3:a:wordpress_backup_to_dropbox_project:wordpress_backup_to_dropbox:*:*:*:*:*:wordpress:*:*+ 1 more
- cpe:2.3:a:wordpress_backup_to_dropbox_project:wordpress_backup_to_dropbox:*:*:*:*:*:wordpress:*:*range: <=4.0
- (no CPE)range: <4.1

Patches

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/75082nvdThird Party AdvisoryVDB Entry
security.szurek.pl/wordpress-backup-to-dropbox-40-reflected-xss.htmlnvdThird Party Advisory
wordpress.org/plugins/wordpress-backup-to-dropbox/nvdProductVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.397
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000