The VM Backups WordPress plugin up to and including 1.0 does not have CSRF checks, allowing malicious users to make a logged in user unwanted actions, such as update the plugin's options, leading to a Stored Cross-Site Scripting issue.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
vm backups project vm backups |