cleantalk
Vulnerabilities and Security Researches

YITH Maintenance Mode, CVE-2015-9429

CVE, Research URL

CVE-2015-9429

Home page URL

Security reports for YITH Maintenance Mode

Application

YITH Maintenance Mode

Published on
Sep 26, 2019
Research Description
The yith-maintenance-mode plugin before 1.2.0 for WordPress has CSRF with resultant XSS via the wp-admin/themes.php?page=yith-maintenance-mode panel_page parameter.
Affected versions
Min -, max 1.2.0.
Status
vulnerable
Previous vulnerability researches
YITH Maintenance Mode (CVE-2015-9429) , Jun 06, 2024
YITH Maintenance Mode (CVE-2021-36841) , Jun 06, 2024
YITH Maintenance Mode (CVE-2021-36845) , Jun 06, 2024
New vulnerability
Accept Authorize.NET Payments Using Contact Form 7 (CVE-2025-53322) , Jul 01, 2025
Owl carousel responsive (CVE-2025-5590) , Jul 01, 2025
App Builder – Create Native Android & iOS Apps On The Flight (CVE-2025-49989) , Jul 01, 2025
Sitekit (CVE-2025-50047) , Jul 01, 2025
Responsive Food and Drink Menu (CVE-2025-6378) , Jul 01, 2025