WordPress Conditional Maintenance Mode plugin cross-site request forgery vulnerability

The WordPress Conditional Maintenance Mode plugin is a tool for setting a website to maintenance mode under certain conditions, allowing administrators to flexibly control the enabling and disabling of the maintenance status according to their needs. A cross-site request forgery vulnerability...

CVE-2025-12586 Conditional Maintenance Mode for WordPress <= 1.0.0 - Cross-Site Request Forgery

The Conditional Maintenance Mode for WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.0. This is due to missing nonce validation when toggling the maintenance mode status. This makes it possible for unauthenticated attackers to...

CVE-2025-12586 Conditional Maintenance Mode for WordPress <= 1.0.0 - Cross-Site Request Forgery

The Conditional Maintenance Mode for WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.0. This is due to missing nonce validation when toggling the maintenance mode status. This makes it possible for unauthenticated attackers to...

WordPress Conditional Maintenance Mode for WordPress plugin <= 1.0.0 - Cross-Site Request Forgery vulnerability

Cross-Site Request Forgery vulnerability discovered by dayea song - Ahnlab in WordPress Plugin Conditionnal Maintenance Mode for WordPress versions = 1.0.0...

PT-2025-47999

The Conditional Maintenance Mode for WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.0. This is due to missing nonce validation when toggling the maintenance mode status. This makes it possible for unauthenticated attackers to...