Security Advisory

CVE-2022-1945

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-06-20 10:26:21

Last updated 2024-08-03 00:24:42

Assigner WPScan

State PUBLISHED

Description

The Coming Soon & Maintenance Mode by Colorlib WordPress plugin before 1.0.99 does not sanitize and escape some settings, allowing high privilege users such as admin to perform Stored Cross-Site Scripting when unfiltered_html is disallowed (for example in multisite setup)

← Browse all CVEs View on cve.org ↗