[MEDIUM] The Backup Plus extension for TYPO3 (ns_backup) allows command injections

PKSA-ch8z-r156-ncs9 CVE-2025-48204 GHSA-463c-jhp2-4mm7

Affected version: <13.0.1

Reported by:
GitHub

[LOW] The Backup Plus extension for TYPO3 (ns_backup) allows XSS

PKSA-qh92-x96z-qvpv CVE-2025-48206 GHSA-xg53-mhh9-3cq7

Affected version: <13.0.1

Reported by:
GitHub

[HIGH] TYPO3-EXT-SA-2025-007: Multiple vulnerabilities in extension "Backup Plus" (ns_backup)

PKSA-d8ty-mjhy-wmn3 CVE-2025-48201 GHSA-hq4f-5qjv-fwrg

Affected version: <13.0.1

Reported by:
GitHub, FriendsOfPHP/security-advisories