22 matches found
Coming Soon & Maintenance < 4.1.7 - Unauthenticated Post/Page Access
The plugin does not restrict access to published and non protected posts/pages when the maintenance mode is enabled, allowing unauthenticated users to access them. id: CVE-2023-1263 info: name: Coming Soon & Maintenance 4.1.7 - Unauthenticated Post/Page Access author: r3Y3r53 severity: medium...
EUVD-2020-27318
Malware in sbrugna...
EUVD-2025-10943
Malicious code in bioql PyPI...
CVE-2025-26894
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mobeen Abdullah Coming Soon, Maintenance Mode site-mode allows PHP Local File Inclusion.This issue affects Coming Soon, Maintenance Mode: from n/a through = 1.1.1...
WordPress plugin CMP – Coming Soon & Maintenance 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code issue vulnerability exists in WordPres...
CVE-2025-24546
Cross-Site Request Forgery CSRF vulnerability in RSTheme Ultimate Coming Soon & Maintenance ultimate-coming-soon allows Cross Site Request Forgery.This issue affects Ultimate Coming Soon & Maintenance: from n/a through = 1.0.9...
WordPress plugin Ultimate Coming Soon & Maintenance 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...
CVE-2023-50374
Server-Side Request Forgery SSRF vulnerability in NiteoThemes CMP – Coming Soon & Maintenance.This issue affects CMP – Coming Soon & Maintenance: from n/a through 4.1.10...
CVE-2023-50374 WordPress CMP – Coming Soon & Maintenance Plugin by NiteoThemes plugin <= 4.1.10 - Server Side Request Forgery (SSRF) vulnerability
Server-Side Request Forgery SSRF vulnerability in NiteoThemes CMP – Coming Soon & Maintenance.This issue affects CMP – Coming Soon & Maintenance: from n/a through 4.1.10...
CVE-2023-50374
CVE-2023-50374 is a reported SSRF vulnerability in the WordPress plugin CMP – Coming Soon & Maintenance by NiteoThemes. The issue affects versions from unspecified start (n/a) up to 4.1.10 . The connected Red Hat advisory RH:CVE-2023-50374 mirrors the same description and confirms the SSRF impact...
WordPress CMP – Coming Soon & Maintenance Plugin <= 4.1.10 is vulnerable to Server Side Request Forgery (SSRF)
Software CMP – Coming Soon & Maintenance Type Plugin Vulnerable versions = 4.1.10 Fixed in 4.1.11 OWASP Top 10 A10: Server-Side Request Forgery SSRF Classification Server Side Request Forgery SSRF CVE CVE-2023-50374 Patch priority Low CVSS severity Low 5.5 Developer Claim ownership PSID...
WordPress Plugin Coming Soon & Maintenance Mode by Colorlib Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...
CVE-2024-1475
The Coming Soon Maintenance Mode plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.5 via the REST API. This makes it possible for unauthenticated attackers to obtain post and page content thus bypassing the protection provided by the...
CVE-2024-1475
The Coming Soon Maintenance Mode plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.5 via the REST API. This makes it possible for unauthenticated attackers to obtain post and page content thus bypassing the protection provided by the...
WordPress Plugin Coming Soon Maintenance Mode Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...
WordPress CMP - Coming Soon & Maintenance Plugin < 4.1.7 Information Disclosure Vulnerability
The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:niteothemes:cmp"; ifdescription...
WordPress CMP – Coming Soon & Maintenance Plugin <= 4.1.6 is vulnerable to Sensitive Data Exposure
Software CMP – Coming Soon & Maintenance Type Plugin Vulnerable versions = 4.1.6 Fixed in 4.1.7 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2023-1263 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 7aa91bb177d3 Credits Marco...
WordPress plugin CMP–Coming Soon & Maintenance 信息泄露漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. An information disclosure vulnerability...
CVE-2022-1945
The Coming Soon & Maintenance Mode by Colorlib WordPress plugin before 1.0.99 does not sanitize and escape some settings, allowing high privilege users such as admin to perform Stored Cross-Site Scripting when unfilteredhtml is disallowed for example in multisite setup...
Under Construction, Coming Soon & Maintenance Mode < 1.1.2 - Server Side Request Forgery (SSRF)
The includes/mc-getlists.php file used the 'apiKey' POST parameter to create an https URL from it without sanitisation and called it with cURL, leading to a SSRF issue. The issue is exploitable via direct access to the affected file, and ucmmmcapi AJAX call available to both authenticated and...