2 matches found
CVE-2021-24539 Coming Soon, Under Construction & Maintenance Mode By Dazzler < 1.6.7 - Admin+ Stored Cross-Site Scripting
The Coming Soon, Under Construction & Maintenance Mode By Dazzler WordPress plugin before 1.6.7 does not sanitise or escape its description setting when outputting it in the frontend when the Coming Soon mode is enabled, even when the unfilteredhtml capability is disallowed, leading to an...
CVE-2021-24539
The CVE-2021-24539 entry concerns the WordPress plugin “Coming Soon, Under Construction & Maintenance Mode By Dazzler” (pre-1.6.7). Multiple connected sources confirm an authenticated Stored Cross-Site Scripting (XSS) flaw caused by insufficient sanitization/escaping of the Description field when...