VYPR

JetBackup – WP Backup, Migrate & Restore

by WordPress

CVEs (4)

  • CVE-2020-36669HigMar 7, 2023
    risk 0.57cvss 8.8epss 0.00

    The JetBackup – WP Backup, Migrate & Restore plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including 1.3.9. This is due to missing nonce validation on the backup_guard_get_import_backup() function. This makes it possible for…

  • CVE-2020-36667MedMar 7, 2023
    risk 0.35cvss 5.4epss 0.00

    The JetBackup – WP Backup, Migrate & Restore plugin for WordPress is vulnerable to unauthorized back-up location changes in versions up to, and including 1.4.1 due to a lack of proper capability checking on the backup_guard_cloud_dropbox, backup_guard_cloud_gdrive, and…

  • CVE-2022-34148MedMar 15, 2023
    risk 0.31cvss 4.8epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in JetBackup JetBackup – WP Backup, Migrate & Restore plugin <= 1.6.9.0 versions.

  • CVE-2020-36668MedMar 7, 2023
    risk 0.28cvss 4.3epss 0.01

    The JetBackup – WP Backup, Migrate & Restore plugin for WordPress is vulnerable to sensitive information disclosure in versions up to, and including, 1.4.0 due to a lack of proper capability checking on the backup_guard_get_manual_modal function called via an AJAX action. This…