Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 10:45 a.m.5 views

CVE-2022-0199

The Coming soon and Maintenance mode WordPress plugin before 3.6.8 does not have CSRF check in its comingsoonsendmail AJAX action, allowing attackers to make logged in admin to send arbitrary emails to all subscribed users via a CSRF attack...

4.3CVSS6.8AI score0.00464EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:27 a.m.6 views

CVE-2023-49741

Authentication Bypass by Spoofing vulnerability in wpdevart Coming soon and Maintenance mode allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Coming soon and Maintenance mode: from n/a through 3.7.3...

3.7CVSS6.9AI score0.0034EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2024/02/28 12:0 a.m.8 views

PT-2024-16933 · WordPress · The Coming Soon Page & Maintenance Mode

Name of the Vulnerable Software and Affected Versions: The Coming Soon Page & Maintenance Mode plugin for WordPress versions up to, and including, 2.2.1 Description: The issue arises from an improperly implemented URL check in the wpsm coming soon redirect function, allowing unauthorized access t...

5.3CVSS6.2AI score0.00465EPSS
Exploits0References5
wpexploit
wpexploit
added 2022/07/26 12:0 a.m.175 views

Coming Soon - Under Construction <= 1.2.0 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitize and escape some of its settings, which could allow high-privileged users to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed As admin, put the following payload in the "More text information" settings of the plugin: The XSS will be triggered...

4.8CVSS4.9AI score0.00513EPSS
Exploits2
OSV
OSV
added 2021/11/01 9:15 a.m.3 views

CVE-2021-24539

The Coming Soon, Under Construction & Maintenance Mode By Dazzler WordPress plugin before 1.6.7 does not sanitise or escape its description setting when outputting it in the frontend when the Coming Soon mode is enabled, even when the unfilteredhtml capability is disallowed, leading to an...

4.8CVSS5.8AI score0.00571EPSS
Exploits2References1
Rows per page
Query Builder