RSS   Vulnerabilities for 'Wp maintenance'   RSS

2022-04-15
 
CVE-2021-36828

CWE-79
 
 
Authenticated (admin+) Stored Cross-Site Scripting (XSS) in WP Maintenance (WordPress plugin) <= 6.0.4 affects multiple inputs.

 
2019-12-26
 
CVE-2019-19979

CWE-352
 
 
A flaw in the WordPress plugin, WP Maintenance before 5.0.6, allowed attackers to enable a vulnerable site's maintenance mode and inject malicious code affecting site visitors. There was CSRF with resultant XSS.

 

Copyright 2024, cxsecurity.com

 

Back to Top