CVE-2023-6751 Hostinger <= 1.9.7 - Missing Authorization to Maintenance Mode Activation
The Hostinger plugin for WordPress is vulnerable to unauthorized plugin settings update due to a missing capability check on the function publishwebsite in all versions up to, and including, 1.9.7. This makes it possible for unauthenticated attackers to enable and disable maintenance mode...