4 matches found
CMP WordPress < 4.0.19 - Broken Access Control
CMP WordPress plugin 4.0.19 contains an arbitrary page layout change caused by insufficient access control in the coming soon page feature, letting unauthenticated users modify the layout, exploit requires no authentication. id: CVE-2022-0188 info: name: CMP WordPress 4.0.19 - Broken Access Contr...
CVE-2022-0188
The CMP WordPress plugin before 4.0.19 allows any user, even not logged in, to arbitrarily change the coming soon page layout...
CVE-2022-0188
CVE-2022-0188 affects the CMP WordPress plugin, specifically versions before 4.0.19. The vulnerability is an unauthenticated access control flaw that lets any user, including unauthenticated visitors, arbitrarily change the coming soon page layout (CSS/HTML) due to insufficient access control. Th...
CVE-2022-0188 Coming Soon & Maintenance Plugin by NiteoThemes < 4.0.19 - Unauthenticated Arbitrary CSS Update
The CMP WordPress plugin before 4.0.19 allows any user, even not logged in, to arbitrarily change the coming soon page layout...