VM Backups <= 1.0 - CSRF to Stored Cross-Site Scripting (XSS)
CVE-2021-24173
6.1MEDIUM
What is CVE-2021-24173?
The VM Backups WordPress plugin through 1.0 does not have CSRF checks, allowing attackers to make a logged in user unwanted actions, such as update the plugin's options, leading to a Stored Cross-Site Scripting issue.
Affected Version(s)
VM Backups 1.0