Vulnerabilities > Yithemes > Yith Maintenance Mode > 1.3.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-27 | CVE-2021-36841 | Cross-site Scripting vulnerability in Yithemes Yith Maintenance Mode Authenticated Stored Cross-Site Scripting (XSS) vulnerability in YITH Maintenance Mode (WordPress plugin) versions <= 1.3.7, vulnerable parameter &yith_maintenance_newsletter_submit_label. | 5.4 |
| 2021-09-27 | CVE-2021-36845 | Cross-site Scripting vulnerability in Yithemes Yith Maintenance Mode Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities in YITH Maintenance Mode (WordPress plugin) versions <= 1.3.8, there are 46 vulnerable parameters that were missed by the vendor while patching the 1.3.7 version to 1.3.8. | 4.8 |