Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4
CVE-2021-36841
- EPSS 0.36%
- Published 27.09.2021 16:15:09
- Last modified 21.11.2024 06:14:10
Authenticated Stored Cross-Site Scripting (XSS) vulnerability in YITH Maintenance Mode (WordPress plugin) versions <= 1.3.7, vulnerable parameter &yith_maintenance_newsletter_submit_label. Possible even when unfiltered HTML is disallowed by WordPress...
4.8
CVE-2021-36845
- EPSS 0.7%
- Published 27.09.2021 16:15:09
- Last modified 21.11.2024 06:14:10
Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities in YITH Maintenance Mode (WordPress plugin) versions <= 1.3.8, there are 46 vulnerable parameters that were missed by the vendor while patching the 1.3.7 version to 1.3.8. Vulne...
6.5
CVE-2015-9429
- EPSS 0.19%
- Published 26.09.2019 01:15:10
- Last modified 21.11.2024 02:40:36
The yith-maintenance-mode plugin before 1.2.0 for WordPress has CSRF with resultant XSS via the wp-admin/themes.php?page=yith-maintenance-mode panel_page parameter.
1