2019-12-26 02:26:32
mitre
PUBLISHED
A flaw in the WordPress plugin, WP Maintenance before 5.0.6, allowed attackers to enable a vulnerable sites maintenance mode and inject malicious code affecting site visitors. There was CSRF with resultant XSS.