Vulnerabilities > Wpdevart > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-11 | CVE-2021-24577 | Unspecified vulnerability in Wpdevart Coming Soon and Maintenance Mode The Coming soon and Maintenance mode WordPress plugin before 3.5.3 does not properly sanitize inputs submitted by authenticated users when setting adding or modifying coming soon or maintenance mode pages, leading to stored XSS. | 5.4 |
| 2021-08-02 | CVE-2021-24464 | Unspecified vulnerability in Wpdevart Youtube Embed, Playlist and Popup The YouTube Embed, Playlist and Popup by WpDevArt WordPress plugin before 2.3.9 did not escape, validate or sanitise some of its shortcode options, available to users with a role as low as Contributor, leading to an authenticated Stored Cross-Site Scripting issue. | 5.4 |