This can be mitigated by setting the unfiltered_html setting to ‘no’ or ‘false’. This issue was fixed in the latest WP 5.9.1. See the following link for more information on how to upgrade the plugin.
Unfiltered HTML settings fixed in 5.9.1.
The WP Database Backup plugin does not escape the ‘user_role’, that is, it does not filter the ‘role’ attribute of the ‘user_role’ field when ‘user_role’ is not an array. This means that even if you have set the ‘user_role’ filter to an array containing ‘role_access’, ‘role_public’ or ‘role_admin’, this plugin will still inject the ‘role_’ field with the value of the ‘role_access’ field if the user_role filter is set to an array containing ‘role_access’. This can be used by malicious hackers to inject malicious code into your site when you do Cross-Site Scripting attacks against other websites.
Solution: Use Only Trusted Plugins
The WP Database Backup plugin should not be used on a site with trusted plugins.
Published on: 09/05/2022 13:15:00 UTC
Last modified on: 09/08/2022 14:54:00 UTC