ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Coming Soon Page, Under Construction & Maintenance Mode by SeedProd plugin <= 5.1.0 - Persistent Cross-Site Scripting (XSS) vulnerability

Product
Coming Soon Page, Under Construction & Maintenance Mode by SeedProd
Description
Persistent Cross-Site Scripting (XSS) vulnerability found by Jinson Varghese Behanan in WordPress Coming Soon Page, Under Construction & Maintenance Mode by SeedProd plugin (versions <= 5.1.0).
Solution
Update the WordPress Coming Soon Page, Under Construction & Maintenance Mode by SeedProd plugin to the latest available version (at least 5.1.1).
Classification
Type XSS (Cross Site Scripting)
OWASP Top 10 A3: Cross Site Scripting (XSS)
References
Plugin changelog
CVE
Name CVE-2020-15038
Versions
Affected In <= 5.1.0
Fixed In 5.1.1
Disclosure date
2020-07-29
Credits
Jinson Varghese Behanan
Submitter
ThreatPress