EZP Coming Soon Page <= 1.0.0 - Authenticated Cross-Site Scripting (XSS)

Affects Plugin

EZP Coming Soon Page

fixed in version 1.0.1

References

URL	http://cinu.pl/research/wp-plugins/mail_e72b492ed065d034e5acd0dda7e729b9.html
URL	http://blog.cinu.pl/2015/11/php-static-code-analysis-vs-top-1000-wordpress-plugins.html

Classification

Type	XSS
OWASP Top 10	A7: Cross-Site Scripting (XSS)
CWE	CWE-79

Miscellaneous

Submitter	ethicalhack3r
Submitter Website	https://dewhurstsecurity.com/
Submitter Twitter	ethicalhack3r
Views	6502
Verified	No
WPVDB ID	8288

Timeline

Publicly Published	2015-08-10 (almost 5 years ago)
Added	2015-11-24 (over 4 years ago)
Last Updated	2019-10-31 (7 months ago)

Our Other Services

Online WordPress Vulnerability Scanner

WPScan WordPress Security Plugin