CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

404 matches found

Coming Soon & Maintenance < 4.1.7 - Unauthenticated Post/Page Access

The plugin does not restrict access to published and non protected posts/pages when the maintenance mode is enabled, allowing unauthenticated users to access them. id: CVE-2023-1263 info: name: Coming Soon & Maintenance 4.1.7 - Unauthenticated Post/Page Access author: r3Y3r53 severity: medium...

5.3CVSS6.7AI score0.01414EPSS

Exploits1References5

RedhatCVE•added 2026/06/05 7:21 p.m.•5 views

CVE-2026-34896

Cross-Site Request Forgery CSRF vulnerability in Analytify Under Construction, Coming Soon & Maintenance Mode allows Cross Site Request Forgery.This issue affects Under Construction, Coming Soon & Maintenance Mode: from n/a through 2.1.1...

7.5CVSS5.4AI score0.00122EPSS

Exploits0References1

Positive Technologies•added 2026/05/22 12:0 a.m.•6 views

PT-2026-42767

Name of the Vulnerable Software and Affected Versions DOMPurify version 3.4.4 Description DOMPurify allows the element by default, which enables a bypass of the sanitization process. This occurs because browsers may re-clone an XSS payload after the sanitizer has already processed the subtree...

8.2CVSS5.9AI score0.00035EPSS

Exploits0References6

OSV•added 2026/04/29 1:21 p.m.•5 views

JLSEC-2026-328

A vulnerability was found in HDF5 1.14.6 and classified as critical. This issue affects the function H5MMstrndup of the component Metadata Attribute Decoder. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and...

7.8CVSS5.3AI score0.00361EPSS

Exploits1References4

Patchstack•added 2026/04/19 11:25 p.m.•4 views

WordPress CMP - Coming Soon & Maintenance Plugin by NiteoThemes plugin <= 4.1.16 - Missing Authorization to Authenticated (Administrator+) Arbitrary File Upload and Remote Code Execution vulnerability

WordPress CMP - Coming Soon & Maintenance Plugin by NiteoThemes plugin = 4.1.16 - Missing Authorization to Authenticated Administrator+ Arbitrary File Upload and Remote Code Execution vulnerability discovered by ll in WordPress Plugin CMP – Coming Soon & Maintenance versions = 4.1.16...

8.8CVSS5.8AI score0.00867EPSS

Exploits0References1Affected Software1

ATTACKERKB•added 2026/04/18 3:37 a.m.•2 views

CVE-2026-6518

The CMP – Coming Soon & Maintenance Plugin by NiteoThemes plugin for WordPress is vulnerable to arbitrary file upload and remote code execution in all versions up to, and including, 4.1.16 via the cmpthemeupdateinstall AJAX action. This is due to the function only checking for the publishpages...

8.8CVSS6.6AI score0.00867EPSS

Exploits0References6

EUVD•added 2026/04/18 3:37 a.m.•2 views

EUVD-2026-23654

8.8CVSS6.6AI score0.00867EPSS

Exploits0References5

CNNVD•added 2026/04/18 12:0 a.m.•5 views

WordPress plugin CMP – Coming Soon & Maintenance Plugin by NiteoThemes 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

8.8CVSS6.2AI score0.00867EPSS

Exploits0References2

RedhatCVE•added 2026/04/14 7:23 p.m.•3 views

CVE-2026-39464

Server-Side Request Forgery SSRF vulnerability in SeedProd Coming Soon Page, Under Construction & Maintenance Mode by SeedProd coming-soon allows Server Side Request Forgery.This issue affects Coming Soon Page, Under Construction & Maintenance Mode by SeedProd: from n/a through = 6.19.8...

5.5CVSS5.8AI score0.00186EPSS

Exploits0References1

EUVD•added 2026/04/08 9:31 a.m.•1 views

EUVD-2026-20135

5.9AI score0.00186EPSS

Exploits0References2

NVD•added 2026/04/08 9:16 a.m.•4 views

CVE-2026-39464

5.5CVSS0.00186EPSS

Exploits0References1

Cvelist•added 2026/04/08 8:30 a.m.•19 views

CVE-2026-39464 WordPress Coming Soon Page, Under Construction & Maintenance Mode by SeedProd plugin <= 6.19.8 - Server Side Request Forgery (SSRF) vulnerability

5.5CVSS0.00186EPSS

Exploits0References1

ATTACKERKB•added 2026/04/08 8:30 a.m.•2 views

CVE-2026-39464

5.9AI score0.00186EPSS

Exploits0References2

CVE•added 2026/04/08 8:30 a.m.•9 views

CVE-2026-39464

The vulnerability CVE-2026-39464 is described as a Server-Side Request Forgery (SSRF) in the SeedProd Coming Soon Page, Under Construction & Maintenance Mode by SeedProd coming-soon, affecting versions up to 6.19.8. The connected Red Hat, ENISA EUVD, NVD, CVE list, and related feeds all reiterate...

5.5CVSS5.9AI score0.00186EPSS

Exploits0References1

Positive Technologies•added 2026/04/08 12:0 a.m.•3 views

PT-2026-31113

5.9AI score0.00186EPSS

Exploits0References3

CNNVD•added 2026/04/08 12:0 a.m.•6 views

WordPress plugin Coming Soon Page, Under Construction & Maintenance Mode by SeedProd 代码问题漏洞

5.5CVSS5.9AI score0.00186EPSS

Exploits0References1

NVD•added 2026/04/07 9:16 a.m.•3 views

CVE-2026-34896

7.5CVSS0.00122EPSS

Exploits0References1

ATTACKERKB•added 2026/04/07 8:20 a.m.•5 views

CVE-2026-34896

7.5CVSS5.9AI score0.00122EPSS

Exploits0References2

EUVD•added 2026/04/07 8:20 a.m.•4 views

EUVD-2026-19590

7.5CVSS5.9AI score0.00122EPSS

Exploits0References1

Patchstack•added 2026/04/07 8:19 a.m.•2 views

WordPress Under Construction, Coming Soon & Maintenance Mode plugin <= 2.1.1 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Carlos Ferreira in WordPress Plugin Under Construction, Coming Soon & Maintenance Mode versions = 2.1.1...

7.5CVSS5.9AI score0.00122EPSS

Exploits0Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by