152 matches found
WordPress Coming Soon Page, Under Construction & Maintenance Mode by SeedProd plugin <= 5.1.0 - Persistent Cross-Site Scripting (XSS) vulnerability
Persistent Cross-Site Scripting XSS vulnerability found by Jinson Varghese Behanan in WordPress Coming Soon Page, Under Construction & Maintenance Mode by SeedProd plugin versions = 5.1.0. Solution Update the WordPress Coming Soon Page, Under Construction & Maintenance Mode by SeedProd plugin to...
Wordpress Plugin Maintenance Mode by SeedProd 5.1.1 - Persistent Cross-Site Scripting
Exploit Title: Wordpress Plugin Maintenance Mode by SeedProd 5.1.1 - Persistent Cross-Site Scripting Date: 2020-06-22 Vendor Homepage: https://www.seedprod.com/ Vendor Changelog: https://wordpress.org/plugins/coming-soon/developers Exploit Author: Jinson Varghese Behanan @JinsonCyberSec Author...
WordPress Plugin Maintenance Mode by SeedProd Cross-Site Scripting Vulnerability
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the WordPress plugin Maintenance Mode by SeedProd. The...
Coming Soon Page, Under Construction & Maintenance Mode by SeedProd < 5.1.2 - Authenticated Stored Cross Site Scripting (XSS)
Authenticated stored cross-site scripting issues in some of the plugin settings, requiring high privileges. PoC Affected fields are in the settings of the plugin and will be triggered when the common soon page is displayed either the preview or normal one: Logo: x' onerror='alert/XSS/ Headlines:...
Coming Soon Page, Under Construction & Maintenance Mode by SeedProd < 5.1.2 - Authenticated Stored Cross Site Scripting (XSS)
Authenticated stored cross-site scripting issues in some of the plugin settings, requiring high privileges. Affected fields are in the settings of the plugin and will be triggered when the common soon page is displayed either the preview or normal one: Logo: x' onerror='alert/XSS/ Headlines:...
CVE-2020-15038
The SeedProd coming-soon plugin before 5.1.1 for WordPress allows XSS...
CVE-2020-15038
The SeedProd coming-soon plugin before 5.1.1 for WordPress allows XSS...
Cross site scripting
The SeedProd coming-soon plugin before 5.1.1 for WordPress allows XSS...
CVE-2020-15038
The SeedProd coming-soon plugin before 5.1.1 for WordPress allows XSS...
CVE-2020-15038
The SeedProd coming-soon plugin before 5.1.1 for WordPress allows XSS...
CVE-2020-15038
CVE-2020-15038 affects the SeedProd WordPress plugin (Coming Soon Page/Maintenance Mode) up to version 5.1.1. The vulnerability is a stored XSS in the plugin’s page settings (e.g., headline field) that can trigger when the Coming Soon page is displayed. Multiple sources (NVD entry and OpenVAS/Exp...
PT-2020-14139 · Seedprod · Seedprod
Name of the Vulnerable Software and Affected Versions: SeedProd coming-soon plugin versions prior to 5.1.1 Description: The issue allows for XSS. Recommendations: For versions prior to 5.1.1, update to version 5.1.1 or later to resolve the issue...