Cve 2025 0215. CVE202242475 ioo0s's blog Description CVE-2025-0215 pertains to a Reflected Cross-Site Scripting (XSS) vulnerability found in the UpdraftPlus: WP Backup & Migration Plugin for WordPress This makes it possible for unauthenticated attackers to inject arbitrary web scripts.
Microsoft’s January 2025 Patch Tuesday Addresses 157 CVEs (CVE202521333, CVE202521334, CVE from securityboulevard.com
The root cause stems from insufficient input sanitization and output escaping for the parameters showdata and initiate_restore. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can.
At cve.org, we provide the authoritative reference method for publicly known information-security vulnerabilities and exposures This makes it possible for unauthenticated attackers to inject arbitrary web scripts. Unauthenticated attackers can exploit this flaw by injecting arbitrary web scripts.
Cve202520197 Dasie. Description CVE-2025-0215 pertains to a Reflected Cross-Site Scripting (XSS) vulnerability found in the UpdraftPlus: WP Backup & Migration Plugin for WordPress This makes it possible for unauthenticated attackers to inject arbitrary web scripts.
CVE202420253 Critical Code Execution Flaw in Cisco Products. CVE-2025-0215 Vulnerability, Severity 0 N/A, Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') The UpdraftPlus: WP Backup & Migration Plugin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the showdata and initiate_restore parameters in all versions up to, and including, 1.24.12 due to insufficient input sanitization and output escaping