CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

380 matches found

Coming Soon & Maintenance < 4.1.7 - Unauthenticated Post/Page Access

The plugin does not restrict access to published and non protected posts/pages when the maintenance mode is enabled, allowing unauthenticated users to access them. id: CVE-2023-1263 info: name: Coming Soon & Maintenance 4.1.7 - Unauthenticated Post/Page Access author: r3Y3r53 severity: medium...

5.3CVSS6.6AI score0.22923EPSS

Exploits1References5

RedhatCVE•added 3 days ago•4 views

CVE-2026-34896

Cross-Site Request Forgery CSRF vulnerability in Analytify Under Construction, Coming Soon & Maintenance Mode allows Cross Site Request Forgery.This issue affects Under Construction, Coming Soon & Maintenance Mode: from n/a through 2.1.1...

7.5CVSS5.4AI score0.00021EPSS

Exploits0References1

Positive Technologies•added 2026/05/22 12:0 a.m.•6 views

PT-2026-42767

Name of the Vulnerable Software and Affected Versions DOMPurify version 3.4.4 Description DOMPurify allows the element by default, which enables a bypass of the sanitization process. This occurs because browsers may re-clone an XSS payload after the sanitizer has already processed the subtree...

8.2CVSS5.9AI score

Exploits0References6

Patchstack•added 2026/04/19 11:25 p.m.•3 views

WordPress CMP - Coming Soon & Maintenance Plugin by NiteoThemes plugin <= 4.1.16 - Missing Authorization to Authenticated (Administrator+) Arbitrary File Upload and Remote Code Execution vulnerability

WordPress CMP - Coming Soon & Maintenance Plugin by NiteoThemes plugin = 4.1.16 - Missing Authorization to Authenticated Administrator+ Arbitrary File Upload and Remote Code Execution vulnerability discovered by ll in WordPress Plugin CMP – Coming Soon & Maintenance versions = 4.1.16...

8.8CVSS5.8AI score0.00078EPSS

Exploits0References1Affected Software1

ATTACKERKB•added 2026/04/18 3:37 a.m.•1 views

CVE-2026-6518

The CMP – Coming Soon & Maintenance Plugin by NiteoThemes plugin for WordPress is vulnerable to arbitrary file upload and remote code execution in all versions up to, and including, 4.1.16 via the cmpthemeupdateinstall AJAX action. This is due to the function only checking for the publishpages...

8.8CVSS6.6AI score0.00078EPSS

Exploits0References6

EUVD•added 2026/04/18 3:37 a.m.•2 views

EUVD-2026-23654

8.8CVSS6.6AI score0.00078EPSS

Exploits0References5

CNNVD•added 2026/04/18 12:0 a.m.•5 views

WordPress plugin CMP – Coming Soon & Maintenance Plugin by NiteoThemes 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

8.8CVSS6.2AI score0.00078EPSS

Exploits0References2

RedhatCVE•added 2026/04/14 7:23 p.m.•3 views

CVE-2026-39464

Server-Side Request Forgery SSRF vulnerability in SeedProd Coming Soon Page, Under Construction & Maintenance Mode by SeedProd coming-soon allows Server Side Request Forgery.This issue affects Coming Soon Page, Under Construction & Maintenance Mode by SeedProd: from n/a through = 6.19.8...

5.5CVSS5.8AI score0.00033EPSS

Exploits0References1

EUVD•added 2026/04/08 9:31 a.m.•1 views

EUVD-2026-20135

5.9AI score0.00033EPSS

Exploits0References2

NVD•added 2026/04/08 9:16 a.m.•3 views

CVE-2026-39464

5.5CVSS0.00033EPSS

Exploits0References1

Cvelist•added 2026/04/08 8:30 a.m.•16 views

CVE-2026-39464 WordPress Coming Soon Page, Under Construction & Maintenance Mode by SeedProd plugin <= 6.19.8 - Server Side Request Forgery (SSRF) vulnerability

5.5CVSS0.00033EPSS

Exploits0References1

CVE•added 2026/04/08 8:30 a.m.•5 views

CVE-2026-39464

The vulnerability CVE-2026-39464 is described as a Server-Side Request Forgery (SSRF) in the SeedProd Coming Soon Page, Under Construction & Maintenance Mode by SeedProd coming-soon, affecting versions up to 6.19.8. The connected Red Hat, ENISA EUVD, NVD, CVE list, and related feeds all reiterate...

5.5CVSS5.9AI score0.00033EPSS

Exploits0References1

ATTACKERKB•added 2026/04/08 8:30 a.m.•0 views

CVE-2026-39464

5.9AI score0.00033EPSS

Exploits0References2

Positive Technologies•added 2026/04/08 12:0 a.m.•2 views

PT-2026-31113

5.9AI score0.00033EPSS

Exploits0References3

CNNVD•added 2026/04/08 12:0 a.m.•3 views

WordPress plugin Coming Soon Page, Under Construction & Maintenance Mode by SeedProd 代码问题漏洞

5.5CVSS5.9AI score0.00033EPSS

Exploits0References1

NVD•added 2026/04/07 9:16 a.m.•1 views

CVE-2026-34896

7.5CVSS0.00021EPSS

Exploits0References1

ATTACKERKB•added 2026/04/07 8:20 a.m.•4 views

CVE-2026-34896

7.5CVSS5.9AI score0.00021EPSS

Exploits0References2

EUVD•added 2026/04/07 8:20 a.m.•4 views

EUVD-2026-19590

7.5CVSS5.9AI score0.00021EPSS

Exploits0References1

Patchstack•added 2026/04/07 8:19 a.m.•2 views

WordPress Under Construction, Coming Soon & Maintenance Mode plugin <= 2.1.1 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Carlos Ferreira in WordPress Plugin Under Construction, Coming Soon & Maintenance Mode versions = 2.1.1...

7.5CVSS5.9AI score0.00021EPSS

Exploits0Affected Software1

Positive Technologies•added 2026/04/07 12:0 a.m.•2 views

PT-2026-30807

Name of the Vulnerable Software and Affected Versions Analytify Under Construction, Coming Soon & Maintenance Mode versions through 2.1.1 Description A Cross-Site Request Forgery CSRF issue exists in Analytify Under Construction, Coming Soon & Maintenance Mode. This allows attackers to perform...

7.5CVSS5.8AI score0.00021EPSS

Exploits0References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by