The Coming soon and Maintenance mode WordPress plugin before 3.5.3 does not properly sanitize inputs submitted by authenticated users when setting adding or modifying coming soon or maintenance mode pages, leading to stored XSS.
References
Link | Resource |
---|---|
https://wpscan.com/vulnerability/d453b547-41a8-4a6b-8349-8686b7054805 | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: WPScan
Published: 2021-10-11T10:45:33
Updated: 2021-10-11T10:45:33
Reserved: 2021-01-14T00:00:00
Link: CVE-2021-24577
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-10-11T11:15:08.853
Modified: 2021-10-15T16:23:04.217
Link: CVE-2021-24577
JSON object: View
Redhat Information
No data.
CWE