Cmp Security Vulnerabilities and Issues — Cmp CVE List

Lucene search

NiteothemesCmp

3 matches found

CVE•added 2022/02/14 12:15 p.m.•69 views

CVE-2022-0188

The CMP WordPress plugin before 4.0.19 allows any user, even not logged in, to arbitrarily change the coming soon page layout.

5.3CVSS5.1AI score0.00249EPSS

CVE•added 2023/06/09 6:16 a.m.•40 views

CVE-2023-2159

The CMP – Coming Soon & Maintenance plugin for WordPress is vulnerable to Maintenance Mode Bypass in versions up to, and including, 4.1.7. A correct cmp_bypass GET parameter in the URL (equal to the md5-hashed home_url in the default setting) allows users to visit a site placed in maintenance mode ...

5.3CVSS5.1AI score0.00139EPSS

CVE•added 2023/06/07 2:15 a.m.•33 views

CVE-2020-36730

The CMP for WordPress is vulnerable to authorization bypass due to a missing capability check on the cmp_get_post_detail(), niteo_export_csv(), and cmp_disable_comingsoon_ajax() functions in versions up to, and including, 3.8.1. This makes it possible for unauthenticated attackers to read posts, ex...

9.3CVSS8.8AI score0.42777EPSS