CVE-2022-4897

Name of the Vulnerable Software and Affected Versions BackupBuddy WordPress plugin versions prior to 8.8.3

Description The issue is related to Reflected Cross-Site Scripting. It occurs because the BackupBuddy WordPress plugin does not properly sanitise and escape some parameters before outputting them back in various places.

Recommendations For versions prior to 8.8.3, update to version 8.8.3 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive parameters and ensuring proper input validation to minimize the risk of exploitation.