4 matches found
CVE-2020-36707
The Coming Soon & Maintenance Mode Page plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.57. This is due to confusing logic functions missing or having incorrect nonce validation. This makes it possible for unauthenticated attackers to gain and...
CVE-2020-36707 Coming Soon & Maintenance Mode Page <= 1.57 - Cross-Site Request Forgery
The Coming Soon & Maintenance Mode Page plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.57. This is due to confusing logic functions missing or having incorrect nonce validation. This makes it possible for unauthenticated attackers to gain and...
CVE-2020-36707
CVE-2020-36707 affects the WordPress Coming Soon & Maintenance Mode Page plugin (versions up to 1.57). The vulnerability is Cross-Site Request Forgery caused by confusing logic and missing/incorrect nonce validation, allowing unauthenticated attackers to perform actions as if they were an admin w...
CVE-2020-36707
The Coming Soon & Maintenance Mode Page plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.57. This is due to confusing logic functions missing or having incorrect nonce validation. This makes it possible for unauthenticated attackers to gain and...