Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 10:45 a.m.14 views

CVE-2022-0164

The Coming soon and Maintenance mode WordPress plugin before 3.5.3 does not have authorisation and CSRF checks in its comingsoonsendmail AJAX action, allowing any authenticated users, with a role as low as subscriber to send arbitrary emails to all subscribed users...

4.3CVSS6.7AI score0.00344EPSS
Exploits2References1
NVD
NVD
added 2022/02/21 11:15 a.m.29 views

CVE-2022-0164

The Coming soon and Maintenance mode WordPress plugin before 3.5.3 does not have authorisation and CSRF checks in its comingsoonsendmail AJAX action, allowing any authenticated users, with a role as low as subscriber to send arbitrary emails to all subscribed users...

4.3CVSS0.00344EPSS
Exploits2References2
OSV
OSV
added 2022/02/21 11:15 a.m.3 views

CVE-2022-0164

The Coming soon and Maintenance mode WordPress plugin before 3.5.3 does not have authorisation and CSRF checks in its comingsoonsendmail AJAX action, allowing any authenticated users, with a role as low as subscriber to send arbitrary emails to all subscribed users...

4.3CVSS5.9AI score0.00344EPSS
Exploits2References2
CVE
CVE
added 2022/02/21 10:46 a.m.80 views

CVE-2022-0164

CVE-2022-0164 affects the WordPress plugin Coming soon and Maintenance mode. The vulnerability stems from missing authorization and CSRF checks in the coming_soon_send_mail AJAX action, enabling any authenticated user with a role as low as subscriber to send arbitrary emails to all subscribed use...

4.3CVSS4.5AI score0.00344EPSS
Exploits2References2Affected Software1
Rows per page
Query Builder