CVE-2019-19979

A flaw in the WordPress plugin, WP Maintenance before 5.0.6, allowed attackers to enable a vulnerable site's maintenance mode and inject malicious code affecting site visitors. There was CSRF with resultant XSS.

Link	Resource
https://wpvulndb.com/vulnerabilities/9954	Exploit Third Party Advisory
https://www.wordfence.com/blog/2019/11/high-severity-vulnerability-patched-in-wp-maintenance-plugin/	Exploit Third Party Advisory

Configuration 1

cpe:2.3:a:wp_maintenance_project:wp_maintenance:*:*:*:*:*:wordpress:*:*

---

Published : 2019-12-26 03:15

Updated : 2020-08-24 05:37

---

NVD link : CVE-2019-19979

Mitre link : CVE-2019-19979

No products.

CWE-352

CWE-79