Lucene search
K
WebfactoryltdMinimal Coming Soon & Maintenance Mode

5 matches found

CVE
CVE
added 2020/01/09 7:58 p.m.96 views

CVE-2020-6168

CVE-2020-6168 – WordPress Minimal Coming Soon & Maintenance Mode : The vulnerability affects the plugin up to version 2.10, allowing any authenticated user with subscriber permissions or higher to enable/disable Maintenance Mode via crafted requests (e.g., /wp-admin/admin.php?action=csmm_change_s...

7.6CVSS7.2AI score0.01953EPSS
CVE
CVE
added 2020/01/09 7:54 p.m.93 views

CVE-2020-6166

CVE-2020-6166 (WordPress Minimal Coming Soon & Maintenance Mode) affects the plugin versions up to 2.15. The flaw allows any authenticated user with at least basic access to export plugin settings or change the maintenance-page theme via insecure permissions. Technical details from connected sour...

5.5CVSS5.3AI score0.0107EPSS
CVE
CVE
added 2020/01/09 6:9 p.m.84 views

CVE-2020-6167

The CVE-2020-6167 entry concerns WordPress plugin Minimal Coming Soon & Maintenance Mode (versions up to 2.10). The vulnerability is a CSRF to stored XSS and setting changes, permitted by a lack of nonce checks on settings endpoints, enabling an attacker to enable maintenance mode, inject XSS, mo...

9.6CVSS8.5AI score0.00924EPSS
CVE
CVE
added 2024/06/08 5:44 a.m.61 views

CVE-2024-5087

CVE-2024-5087 affects the Minimal Coming Soon – Coming Soon Page WordPress plugin. The vulnerability is caused by missing capability checks in AJAX handlers (validate_ajax, deactivate_ajax, save_ajax) on all versions up to 2.38, enabling authenticated users with Subscriber-level access and above ...

6.3CVSS5.9AI score0.00436EPSS
CVE
CVE
added 2024/02/05 9:21 p.m.55 views

CVE-2024-1075

CVE-2024-1075 affects the WordPress plugin Minimal Coming Soon – Coming Soon Page . The flaw permits unauthenticated maintenance mode bypass and information disclosure due to improper validation of the request path, affecting versions up to and including 2.37. The issue has been acknowledged by m...

5.3CVSS5.3AI score0.0069EPSS