VYPR

Yith Maintenance Mode (wordpress Plugin)

by Yithemes

CVEs (2)

  • CVE-2021-36845Sep 27, 2021
    risk 0.00cvss epss 0.01

    Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities in YITH Maintenance Mode (WordPress plugin) versions <= 1.3.8, there are 46 vulnerable parameters that were missed by the vendor while patching the 1.3.7 version to 1.3.8. Vulnerable parameters: 1 -…

  • CVE-2021-36841Sep 27, 2021
    risk 0.00cvss epss 0.01

    Authenticated Stored Cross-Site Scripting (XSS) vulnerability in YITH Maintenance Mode (WordPress plugin) versions <= 1.3.7, vulnerable parameter &yith_maintenance_newsletter_submit_label. Possible even when unfiltered HTML is disallowed by WordPress configuration.