A high-severity Cross-Site Scripting (XSS) vulnerability has been unearthed in version 7.1 of the Coming Soon Chop Chop Plugin, warranting immediate attention to reinforce WordPress security and shield against potential malware threats. This critical security flaw was diligently discovered and responsibly reported by Phd.

The vulnerability arises from the plugin’s inadequate handling of user input, providing an opportunity for attackers to inject malicious scripts into the plugin’s settings page. Upon execution, this malicious JavaScript code poses severe risks to website security, potentially leading to theft of user credentials, redirection to malicious websites, or unwarranted display of ads.


The severity of this vulnerability is classified as high, underscoring the significant impact it holds on WordPress security.

Affected Versions:

The affected version of the plugin is 7.1. Although older versions may also be at risk, this has yet to be confirmed.


If an attacker successfully exploits this vulnerability, they could gain unauthorized access to your website and its users. Additionally, attackers could exploit the vulnerability to inflict damage upon your website or tarnish your online reputation.


To fortify your website’s defenses and mitigate potential threats, prompt action is paramount. Upgrade to the latest version of the Coming Soon Chop Chop Plugin (version 7.2) without delay. This critical update includes essential patches to rectify the vulnerability, ensuring your website remains secure and safeguarding sensitive information from unauthorized access.

In the realm of WordPress security, proactive measures are indispensable to protect against emerging threats and potential malware attacks. By staying vigilant and promptly addressing vulnerabilities like this high-severity XSS vulnerability, you establish a robust WordPress security posture and enhance user trust.

Remember, WordPress security is a shared responsibility, and taking immediate action to update vulnerable plugins is pivotal in maintaining website integrity and safeguarding user data. Act decisively to secure your WordPress site and create a safe digital environment for your visitors and users