26 matches found
EUVD-2021-23421
Malware in sbrugna...
EUVD-2015-9269
Malware in sbrugna...
EUVD-2021-23417
Malware in sbrugna...
CVE-2015-9429
The yith-maintenance-mode plugin before 1.2.0 for WordPress has CSRF with resultant XSS via the wp-admin/themes.php?page=yith-maintenance-mode panelpage parameter...
CVE-2021-36841
Authenticated Stored Cross-Site Scripting XSS vulnerability in YITH Maintenance Mode WordPress plugin versions = 1.3.7, vulnerable parameter &yithmaintenancenewslettersubmitlabel. Possible even when unfiltered HTML is disallowed by WordPress configuration...
CVE-2021-36845
Multiple Authenticated Stored Cross-Site Scripting XSS vulnerabilities in YITH Maintenance Mode WordPress plugin versions = 1.3.8, there are 46 vulnerable parameters that were missed by the vendor while patching the 1.3.7 version to 1.3.8. Vulnerable parameters: 1 - "Newsletter" tab,...
CVE-2021-36845
Multiple Authenticated Stored Cross-Site Scripting XSS vulnerabilities in YITH Maintenance Mode WordPress plugin versions = 1.3.8, there are 46 vulnerable parameters that were missed by the vendor while patching the 1.3.7 version to 1.3.8. Vulnerable parameters: 1 - "Newsletter" tab,...
CVE-2021-36841
Authenticated Stored Cross-Site Scripting XSS vulnerability in YITH Maintenance Mode WordPress plugin versions = 1.3.7, vulnerable parameter &yithmaintenancenewslettersubmitlabel. Possible even when unfiltered HTML is disallowed by WordPress configuration...
Cross site scripting
Multiple Authenticated Stored Cross-Site Scripting XSS vulnerabilities in YITH Maintenance Mode WordPress plugin versions = 1.3.8, there are 46 vulnerable parameters that were missed by the vendor while patching the 1.3.7 version to 1.3.8. Vulnerable parameters: 1 - "Newsletter" tab,...
Cross site scripting
Authenticated Stored Cross-Site Scripting XSS vulnerability in YITH Maintenance Mode WordPress plugin versions = 1.3.7, vulnerable parameter &yithmaintenancenewslettersubmitlabel. Possible even when unfiltered HTML is disallowed by WordPress configuration...
CVE-2021-36845 YITH Maintenance Mode (WordPress plugin) <= 1.3.8 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities
Multiple Authenticated Stored Cross-Site Scripting XSS vulnerabilities in YITH Maintenance Mode WordPress plugin versions = 1.3.8, there are 46 vulnerable parameters that were missed by the vendor while patching the 1.3.7 version to 1.3.8. Vulnerable parameters: 1 - "Newsletter" tab,...
CVE-2021-36845 YITH Maintenance Mode (WordPress plugin) <= 1.3.8 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities
Multiple Authenticated Stored Cross-Site Scripting XSS vulnerabilities in YITH Maintenance Mode WordPress plugin versions = 1.3.8, there are 46 vulnerable parameters that were missed by the vendor while patching the 1.3.7 version to 1.3.8. Vulnerable parameters: 1 - "Newsletter" tab,...
CVE-2021-36845
Summary: CVE-2021-36845 affects the WordPress plugin YITH Maintenance Mode (
CVE-2021-36841 YITH Maintenance Mode (WordPress plugin) <= 1.3.7 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability.
Authenticated Stored Cross-Site Scripting XSS vulnerability in YITH Maintenance Mode WordPress plugin versions = 1.3.7, vulnerable parameter &yithmaintenancenewslettersubmitlabel. Possible even when unfiltered HTML is disallowed by WordPress configuration...
CVE-2021-36841
Affected software : YITH Maintenance Mode plugin for WordPress (versions ≤ 1.3.7). Vulnerability : Authenticated Stored Cross-Site Scripting (XSS) in the vulnerable parameter &yith_maintenance_newsletter_submit_label , with possibility of exploitation even if unfiltered HTML is disallowed by Word...
CVE-2021-36841 YITH Maintenance Mode (WordPress plugin) <= 1.3.7 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability.
Authenticated Stored Cross-Site Scripting XSS vulnerability in YITH Maintenance Mode WordPress plugin versions = 1.3.7, vulnerable parameter &yithmaintenancenewslettersubmitlabel. Possible even when unfiltered HTML is disallowed by WordPress configuration...
WordPress 插件 跨站脚本漏洞
WordPress Plugin is an open source application plugin for WordPress. A cross-site scripting vulnerability exists in the WordPress plugin YITH Maintenance Mode, which stems from a stored cross-site scripting XSS vulnerability in the authentication of YITH Maintenance Mode WordPress plugin version ...
WordPress 跨站脚本漏洞
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the WordPress plugin YITH Maintenance Mode, which ste...
YITH Maintenance Mode < 1.4.0 - Multiple Admin+ Stored Cross-Site Scripting
The plugin does not sanitise multiple of its settings, which could allow high privilege users to perform Cross-Site Scripting attacks...
WordPress YITH Maintenance Mode plugin <= 1.3.8 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities
Multiple Authenticated Stored Cross-Site Scripting XSS vulnerabilities discovered by Vlad Visse Patchstack in WordPress YITH Maintenance Mode plugin versions = 1.3.8. Additionally, there are 46 additional parameters fixed that were missed by updating from vulnerable version 1.3.7 to 1.3.8 reporte...