CVE-2021-36841
Authenticated Stored Cross-Site Scripting XSS vulnerability in YITH Maintenance Mode WordPress plugin versions = 1.3.7, vulnerable parameter &yithmaintenancenewslettersubmitlabel. Possible even when unfiltered HTML is disallowed by WordPress configuration...