Lucene search
K

25 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-33677

Malicious code in bioql PyPI...

5.3CVSS6.5AI score0.00772EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-16577

Malicious code in bioql PyPI...

5.3CVSS6.6AI score0.00253EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 9:59 a.m.11 views

CVE-2024-1181

The Coming Soon, Under Construction & Maintenance Mode By Dazzler plugin for WordPress is vulnerable to maintenance mode bypass in all versions up to, and including, 2.1.2. This is due to the plugin relying on the REQUESTURI to determine if the page being accesses is an admin area. This makes it...

5.3CVSS6.7AI score0.00586EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:23 a.m.6 views

CVE-2024-0789

The WP Maintenance plugin for WordPress is vulnerable to IP Address Spoofing in all versions up to, and including, 6.1.9.2 due to insufficient IP address validation and use of user-supplied HTTP headers as a primary method for IP retrieval. This makes it possible for unauthenticated attackers to...

5.3CVSS6AI score0.00253EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:48 a.m.9 views

CVE-2023-2159

The CMP – Coming Soon & Maintenance plugin for WordPress is vulnerable to Maintenance Mode Bypass in versions up to, and including, 4.1.7. A correct cmpbypass GET parameter in the URL equal to the md5-hashed homeurl in the default setting allows users to visit a site placed in maintenance mode th...

5.3CVSS6.6AI score0.00772EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/06/19 7:39 a.m.14 views

CVE-2024-0789 WP Maintenance <= 6.1.9.2 - IP Spoofing to Maintenance Mode Bypass

The WP Maintenance plugin for WordPress is vulnerable to IP Address Spoofing in all versions up to, and including, 6.1.9.2 due to insufficient IP address validation and use of user-supplied HTTP headers as a primary method for IP retrieval. This makes it possible for unauthenticated attackers to...

5.3CVSS5.3AI score0.00253EPSS
Exploits0References2
NVD
NVD
added 2024/03/20 7:15 a.m.15 views

CVE-2024-1181

The Coming Soon, Under Construction & Maintenance Mode By Dazzler plugin for WordPress is vulnerable to maintenance mode bypass in all versions up to, and including, 2.1.2. This is due to the plugin relying on the REQUESTURI to determine if the page being accesses is an admin area. This makes it...

5.3CVSS5.2AI score0.00586EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/03/20 6:48 a.m.13 views

CVE-2024-1181 Coming Soon, Under Construction & Maintenance Mode By Dazzler <= 2.1.2 - Maintenance Mode Bypass

The Coming Soon, Under Construction & Maintenance Mode By Dazzler plugin for WordPress is vulnerable to maintenance mode bypass in all versions up to, and including, 2.1.2. This is due to the plugin relying on the REQUESTURI to determine if the page being accesses is an admin area. This makes it...

5.3CVSS7.1AI score0.00586EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/03/20 6:48 a.m.21 views

CVE-2024-1181 Coming Soon, Under Construction & Maintenance Mode By Dazzler <= 2.1.2 - Maintenance Mode Bypass

The Coming Soon, Under Construction & Maintenance Mode By Dazzler plugin for WordPress is vulnerable to maintenance mode bypass in all versions up to, and including, 2.1.2. This is due to the plugin relying on the REQUESTURI to determine if the page being accesses is an admin area. This makes it...

5.3CVSS5.5AI score0.00586EPSS
Exploits0References2
WPVulnDB
WPVulnDB
added 2024/03/19 12:0 a.m.15 views

Coming Soon, Under Construction & Maintenance Mode By Dazzler < 2.1.3 - Maintenance Mode Bypass

Description The plugin is vulnerable to maintenance mode bypass due to the plugin relying on the REQUESTURI to determine if the page being accesses is an admin area. This makes it possible for unauthenticated attackers to bypass maintenance mode and access the site which may be considered...

5.3CVSS6.3AI score0.00586EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2024/02/05 10:16 p.m.27 views

CVE-2024-1075

The Minimal Coming Soon – Coming Soon Page plugin for WordPress is vulnerable to maintenance mode bypass and information disclosure in all versions up to, and including, 2.37. This is due to the plugin improperly validating the request path. This makes it possible for unauthenticated attackers to...

5.3CVSS4.4AI score0.0069EPSS
Exploits0References3
Prion
Prion
added 2024/02/05 10:16 p.m.17 views

Information disclosure

The Minimal Coming Soon – Coming Soon Page plugin for WordPress is vulnerable to maintenance mode bypass and information disclosure in all versions up to, and including, 2.37. This is due to the plugin improperly validating the request path. This makes it possible for unauthenticated attackers to...

5CVSS6.8AI score0.0069EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2024/02/05 9:21 p.m.31 views

CVE-2024-1075 Minimal Coming Soon – Coming Soon Page <= 2.37 - Unauthenticated Maintenance Mode Bypass

The Minimal Coming Soon – Coming Soon Page plugin for WordPress is vulnerable to maintenance mode bypass and information disclosure in all versions up to, and including, 2.37. This is due to the plugin improperly validating the request path. This makes it possible for unauthenticated attackers to...

3.7CVSS5.4AI score0.0069EPSS
Exploits0References3
CVE
CVE
added 2024/02/05 9:21 p.m.52 views

CVE-2024-1075

CVE-2024-1075 affects the WordPress plugin Minimal Coming Soon – Coming Soon Page . The flaw permits unauthenticated maintenance mode bypass and information disclosure due to improper validation of the request path, affecting versions up to and including 2.37. The issue has been acknowledged by m...

5.3CVSS5.3AI score0.0069EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2024/02/05 12:0 a.m.5 views

WordPress plugin Minimal Coming Soon Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers.WordPress plugin is an...

5.3CVSS6.4AI score0.0069EPSS
Exploits0References4
WPVulnDB
WPVulnDB
added 2024/01/17 12:0 a.m.13 views

WordPress Manutenção < 1.0.7 - IP Spoofing to Maintenance Mode Bypass

Description The plugin is vulnerable to IP Spoofing due to insufficient validation of IP addresses, allowing unauthenticated attackers to bypass the plugin's maintenance mode restriction via the 'X-Forwarded-For' HTTP header...

9.7AI score0.00432EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2023/06/09 7:15 a.m.2 views

CVE-2023-2897

The Brizy Page Builder plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 2.4.18. This is due to an implicit trust of user-supplied IP addresses in an 'X-Forwarded-For' HTTP header for the purpose of validating allowed IP addresses against a Maintenance Mo...

5.3CVSS6.8AI score0.00295EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2023/06/09 6:48 a.m.26 views

CVE-2023-2897 Brizy Page Builder <= 2.4.18 - IP Address Spoofing to Protection Mechanism Bypass

The Brizy Page Builder plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 2.4.18. This is due to an implicit trust of user-supplied IP addresses in an 'X-Forwarded-For' HTTP header for the purpose of validating allowed IP addresses against a Maintenance Mo...

3.7CVSS6.6AI score0.00295EPSS
Exploits0References2
NVD
NVD
added 2023/06/09 6:16 a.m.26 views

CVE-2023-2159

The CMP – Coming Soon & Maintenance plugin for WordPress is vulnerable to Maintenance Mode Bypass in versions up to, and including, 4.1.7. A correct cmpbypass GET parameter in the URL equal to the md5-hashed homeurl in the default setting allows users to visit a site placed in maintenance mode th...

5.3CVSS5.2AI score0.00772EPSS
Exploits1References3
Prion
Prion
added 2023/06/09 6:16 a.m.20 views

Default credentials

The CMP – Coming Soon & Maintenance plugin for WordPress is vulnerable to Maintenance Mode Bypass in versions up to, and including, 4.1.7. A correct cmpbypass GET parameter in the URL equal to the md5-hashed homeurl in the default setting allows users to visit a site placed in maintenance mode th...

5CVSS5.1AI score0.00772EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder