CVE-2025-32118 WordPress CMP – Coming Soon & Maintenance plugin <= 4.1.13 - Remote Code Execution (RCE) vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in NiteoThemes CMP – Coming Soon & Maintenance allows Using Malicious Files. This issue affects CMP – Coming Soon & Maintenance: from n/a through 4.1.13...

WordPress CMP – Coming Soon & Maintenance Plugin <= 4.1.7 is vulnerable to Bypass Vulnerability

Software CMP – Coming Soon & Maintenance Type Plugin Vulnerable versions = 4.1.7 Fixed in 4.1.8 OWASP Top 10 A2: Broken Authentication Classification Bypass Vulnerability CVE CVE-2023-2159 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID e2c725a8a335 Credits Marco Wotschka...

CVE-2023-1263 CMP – Coming Soon & Maintenance Plugin by NiteoThemes <= 4.1.6 - Information Exposure

The CMP – Coming Soon & Maintenance plugin for WordPress is vulnerable to Information Exposure in versions up to, and including, 4.1.6 via the cmpgetpostdetail function. This can allow unauthenticated individuals to obtain the contents of any non-password-protected, published post or page even wh...

WordPress CMP – Coming Soon & Maintenance plugin <= 4.0.18 - Unauthenticated Arbitrary CSS Update vulnerability

Unauthenticated Arbitrary CSS Update vulnerability discovered by Krzysztof Zając in WordPress CMP – Coming Soon & Maintenance plugin versions = 4.0.18. Solution Update the WordPress CMP – Coming Soon & Maintenance plugin to the latest available version at least 4.0.19...

WordPress CMP – Coming Soon & Maintenance plugin <= 4.0.9 - Authenticated Remote Code Execution (RCE) vulnerability

Remote Code Execution RCE vulnerability discovered by Ngo Van Thien Sun Cyber Security Research Team Patchstack Red Team member in WordPress CMP – Coming Soon & Maintenance plugin versions = 4.0.9. Solution Update the WordPress CMP – Coming Soon & Maintenance plugin to the latest available versio...

WordPress CMP – Coming Soon & Maintenance plugin <= 3.8.1 - Unauthenticated Plugin Deactivation vulnerability

Unauthenticated Plugin Deactivation vulnerability discovered by NinTechNet in WordPress CMP – Coming Soon & Maintenance plugin versions = 3.8.1. Solution Update the WordPress CMP – Coming Soon & Maintenance plugin to the latest available version at least 3.8.2...