The plugin does not sanitize and escape some of its settings, allowing high-privilege users such as admins to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example, in a multisite setup).
Put the following payload in the “Google Analytics” settings of the plugin (in the General section): ">

The XSS will be triggered when accessing the settings again, as well as on all frontend pages.
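
One way to close this class of bug, shown as an added example that is not the plugin's own code: validate the value when it is saved and escape it for each context it is printed in. The option name `ccsm_ga_id`, the settings group and the function names are hypothetical, and the field is assumed to hold an Analytics ID rather than a script snippet.

```php
<?php
// Added example, not the plugin's code. The option name 'ccsm_ga_id' and
// the function names are hypothetical; it assumes the field stores a
// Google Analytics ID rather than a raw script snippet.

// 1. Sanitize on save: accept only values shaped like an Analytics ID.
function ccsm_sanitize_ga_id( $value ) {
    $value = strtoupper( trim( sanitize_text_field( (string) $value ) ) );
    // UA-12345-1 (Universal Analytics) or G-ABCDE12345 (GA4).
    if ( preg_match( '/^(UA-\d{4,10}-\d{1,4}|G-[A-Z0-9]{4,20})$/', $value ) ) {
        return $value;
    }
    add_settings_error( 'ccsm_ga_id', 'ccsm_ga_id_invalid', 'Invalid Google Analytics ID.' );
    return get_option( 'ccsm_ga_id', '' ); // keep the previous stored value
}

add_action( 'admin_init', function () {
    register_setting( 'ccsm_general', 'ccsm_ga_id', array(
        'type'              => 'string',
        'sanitize_callback' => 'ccsm_sanitize_ga_id',
        'default'           => '',
    ) );
} );

// 2. Escape on output in the settings form (HTML attribute context).
function ccsm_render_ga_field() {
    printf(
        '<input type="text" name="ccsm_ga_id" value="%s" class="regular-text" />',
        esc_attr( get_option( 'ccsm_ga_id', '' ) )
    );
}

// 3. Escape on output on the frontend (URL and JavaScript contexts).
add_action( 'wp_head', function () {
    $id = get_option( 'ccsm_ga_id', '' );
    if ( '' === $id ) {
        return;
    }
    printf(
        '<script async src="%s"></script>' . "\n",
        esc_url( 'https://www.googletagmanager.com/gtag/js?id=' . rawurlencode( $id ) )
    );
    printf(
        "<script>window.dataLayer=window.dataLayer||[];function gtag(){dataLayer.push(arguments);}gtag('js',new Date());gtag('config','%s');</script>\n",
        esc_js( $id )
    );
} );
```

Neither step depends on the unfiltered_html capability, so the value stays inert on multisite installs where admins lack it.
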
| CPE | Name | Operator | Version |
|---|---|---|---|
| | colorlib-coming-soon-maintenance | lt | 1.0.99 |