26 matches found
EUVD-2021-11105
Malware in sbrugna...
EUVD-2025-17277
Malicious code in bioql PyPI...
CVE-2025-49284
Cross-Site Request Forgery CSRF vulnerability in wp-buy WP Maintenance Mode & Site Under Construction wp-maintenance-mode-site-under-construction allows Cross Site Request Forgery.This issue affects WP Maintenance Mode & Site Under Construction: from n/a through = 4.3...
CVE-2025-49284
Cross-Site Request Forgery CSRF vulnerability in wp-buy WP Maintenance Mode & Site Under Construction wp-maintenance-mode-site-under-construction allows Cross Site Request Forgery.This issue affects WP Maintenance Mode & Site Under Construction: from n/a through = 4.3...
CVE-2025-49284 WordPress WP Maintenance Mode & Site Under Construction plugin <= 4.3 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery CSRF vulnerability in wp-buy WP Maintenance Mode & Site Under Construction wp-maintenance-mode-site-under-construction allows Cross Site Request Forgery.This issue affects WP Maintenance Mode & Site Under Construction: from n/a through = 4.3...
CVE-2025-49284
CVE-2025-49284 is a CSRF vulnerability in the WordPress plugin WP Maintenance Mode & Site Under Construction . The initial document notes CSRF and that the affected range is from n/a through 4.3. The linked Red Hat entry corroborates the CSRF nature but provides no additional technical details ab...
CVE-2025-49284 WordPress WP Maintenance Mode & Site Under Construction plugin <= 4.3 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery CSRF vulnerability in wp-buy WP Maintenance Mode & Site Under Construction wp-maintenance-mode-site-under-construction allows Cross Site Request Forgery.This issue affects WP Maintenance Mode & Site Under Construction: from n/a through = 4.3...
PT-2025-24219 · Unknown · Wp Maintenance Mode & Site Under Construction
Name of the Vulnerable Software and Affected Versions: WP Maintenance Mode & Site Under Construction versions n/a through 4.3 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability, which allows Cross Site Request Forgery. This is a type of attack where an attacker tricks a use...
CVE-2013-3250
Cross-site request forgery CSRF vulnerability in the WP Maintenance Mode plugin before 1.8.8 for WordPress allows remote attackers to hijack the authentication of arbitrary users for requests that modify this plugin's settings...
CVE-2022-1576
The CVE concerns the WP Maintenance Mode & Coming Soon WordPress plugin (pre-2.4.5). The root cause is missing CSRF protection when emptying the subscribed users list, potentially allowing an attacker to induce a logged-in admin to perform this action via a CSRF attack. Reported impact is unautho...
CVE-2021-24191
The CVE-2021-24191 entry concerns the WordPress WP Maintenance Mode & Site Under Construction plugin (versions before 1.8.2). A low-privilege user can abuse the AJAX action cp_plugins_do_button_job_later_callback to install any plugin (including a specific version) from the WordPress repository a...
CVE-2018-20155
The WP Maintenance Mode plugin before 2.0.7 for WordPress allows remote authenticated subscriber users to bypass intended access restrictions on changes to plugin settings...
Code injection
The WP Maintenance Mode plugin before 2.0.7 for WordPress allows remote authenticated "site administrator" users to execute arbitrary PHP code throughout a multisite network...
Code injection
The WP Maintenance Mode plugin before 2.0.7 for WordPress allows remote authenticated users to discover all subscriber e-mail addresses...
CVE-2018-20156
The WP Maintenance Mode plugin before 2.0.7 for WordPress allows remote authenticated "site administrator" users to execute arbitrary PHP code throughout a multisite network...
CVE-2018-20154
The WP Maintenance Mode plugin before 2.0.7 for WordPress allows remote authenticated users to discover all subscriber e-mail addresses...
CVE-2018-20155
The WP Maintenance Mode plugin before 2.0.7 for WordPress allows remote authenticated subscriber users to bypass intended access restrictions on changes to plugin settings...
CVE-2018-20155
CVE-2018-20155 affects the WordPress WP Maintenance Mode plugin prior to version 2.0.7. The vulnerability allows remote authenticated subscriber users to bypass intended access restrictions on changes to plugin settings, exposing a flaw in authorization for configuration changes. The issue is doc...
CVE-2018-20154
CVE-2018-20154 affects the WordPress WP Maintenance Mode plugin prior to 2.0.7. The vulnerability allows remote authenticated users to disclose all subscriber email addresses, constituting an information-disclosure flaw in the plugin’s handling of subscriber data. The impact is confined to partia...
CVE-2018-20156
The WP Maintenance Mode plugin before 2.0.7 for WordPress allows remote authenticated "site administrator" users to execute arbitrary PHP code throughout a multisite network...