Maintenance Switch <= 1.5.2 - Theme Files Creation/Deletion via CSRF

Description The plugin does not have CSRF checks when creating and deleting theme files as well as reseting settings, which could allow attackers to make logged in admins perform such actions via CSRF attacks...

CVE-2023-29235 WordPress Maintenance Switch Plugin <= 1.5.2 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Fugu Maintenance Switch plugin = 1.5.2 versions...

CVE-2022-47590 WordPress Maintenance Switch Plugin <= 1.5.2 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Fugu Maintenance Switch plugin = 1.5.2 versions...

Wordpress plugin Maintenance Switch 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...