2 matches found
CVE-2024-9705
The Ultimate Coming Soon & Maintenance plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ucsmupdatetemplatenamelite' function in all versions up to, and including, 1.0.9. This makes it possible for authenticated attackers, with...
CVE-2024-9705
CVE-2024-9705 affects the Ultimate Coming Soon & Maintenance plugin for WordPress (versions up to and including 1.0.9). The vulnerability is a missing capability check in ucsm_update_template_name_lite that allows authenticated attackers with Subscriber+ privileges to modify template names. Multi...