Lucene search
+L

4 matches found

Cvelist
Cvelist
added 2024/03/13 3:26 p.m.33 views

CVE-2024-1462 Maintenance Page <= 1.0.8 - Security Mechanism Bypass via REST API

The Maintenance Page plugin for WordPress is vulnerable to Basic Information Exposure in all versions up to, and including, 1.0.8 via the REST API. This makes it possible for unauthenticated attackers to view post titles and content when the site is in maintenance mode...

5.3CVSS5.4AI score0.0053EPSS
Exploits0References2
CVE
CVE
added 2024/03/13 3:26 p.m.71 views

CVE-2024-1462

The CVE-2024-1462 entry concerns the Maintenance Page plugin for WordPress. It allows Basic Information Exposure via the REST API in all versions up to 1.0.8, enabling unauthenticated attackers to view post titles and content when the site is in maintenance mode. A fix is available: upgrade to ve...

5.3CVSS5.5AI score0.0053EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/03/13 3:26 p.m.14 views

CVE-2024-1462

The Maintenance Page plugin for WordPress is vulnerable to Basic Information Exposure in all versions up to, and including, 1.0.8 via the REST API. This makes it possible for unauthenticated attackers to view post titles and content when the site is in maintenance mode...

5.3CVSS6.7AI score0.0053EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/02/22 12:0 a.m.11 views

WordPress Maintenance Page Plugin <= 1.0.8 is vulnerable to Bypass Vulnerability

Software Maintenance Page Type Plugin Vulnerable versions = 1.0.8 Fixed in 1.0.9 OWASP Top 10 A4: Insecure Design Classification Bypass Vulnerability CVE CVE-2024-1462 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 71b6077c6442 Credits Francesco Carlucci Required privileg...

5.3CVSS6.5AI score0.0053EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder