wpexploit | Jinson Varghese Behanan | WPEX-ID: 378239A5-A7F2-4CCB-BB46-4D2B667FDF16
Jun 25, 2020 - 12:00 a.m.

Coming Soon Page, Under Construction & Maintenance Mode by SeedProd < 5.1.2 - Authenticated Stored Cross Site Scripting (XSS)

EPSS: 0.004 (Low), Percentile: 72.0%

Some of the plugin settings are vulnerable to authenticated stored cross-site scripting; exploitation requires high privileges.

The affected fields are in the plugin settings, and the payload is triggered when the coming soon page is displayed (either the preview or the normal one):

Logo: x' onerror='alert(/XSS/)
Headlines: <script>alert(/XSS/)</script> (for v < 5.1.1), <img src=x onerror=alert(/XSS/)/> (for v < 5.1.2)
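
The two output contexts involved here (a setting placed inside a quoted attribute, and a setting placed inside element content), shown as an added PHP example that is not SeedProd's code. The template shape, the function names and the settings array are assumptions made for illustration; the sample values are the payloads quoted above.

```php
<?php
// Added example: hypothetical template code, not taken from the plugin.
// Constructed settings, holding the two payloads quoted in the advisory.
$settings = [
    'logo'     => "x' onerror='alert(/XSS/)",
    'headline' => '<img src=x onerror=alert(/XSS/)/>',
];

// Unsafe: stored values are concatenated into the markup unchanged, so the
// quote in the logo value closes the attribute and the headline is parsed as HTML.
function render_unsafe(array $s): string {
    return "<img class='logo' src='" . $s['logo'] . "'>\n"
         . "<h1>" . $s['headline'] . "</h1>\n";
}

// Accept only absolute http(s) URLs for the logo setting.
function is_http_url(string $v): bool {
    $scheme = parse_url($v, PHP_URL_SCHEME);
    return filter_var($v, FILTER_VALIDATE_URL) !== false
        && in_array(strtolower((string) $scheme), ['http', 'https'], true);
}

// Hardened: validate the URL, then encode each value for its output context.
function render_safe(array $s): string {
    // ENT_QUOTES also encodes ', which matters in a single-quoted attribute
    // (the default flags before PHP 8.1 left single quotes untouched).
    $flags = ENT_QUOTES | ENT_SUBSTITUTE;
    $out = '';
    if (is_http_url($s['logo'])) {
        $out .= "<img class='logo' src='"
              . htmlspecialchars($s['logo'], $flags, 'UTF-8') . "'>\n";
    }
    // Headline is treated as plain text here; markup characters become entities.
    return $out . "<h1>" . htmlspecialchars($s['headline'], $flags, 'UTF-8') . "</h1>\n";
}

echo "--- unsafe ---\n", render_unsafe($settings);
echo "--- safe ---\n", render_safe($settings);
```

In WordPress code the corresponding helpers are esc_url() and esc_attr() for the attribute value, and esc_html() for the headline, or wp_kses_post() if the headline is meant to allow limited markup.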
