2 matches found
CVE-2019-19979
The CVE concerns the WordPress WP Maintenance plugin prior to version 5.0.6. A CSRF vulnerability allowed attackers to enable the plugin’s maintenance mode and inject malicious code affecting site visitors, enabling a stored XSS path when maintenance settings were manipulated. Root cause cited ac...
CVE-2022-30536
CVE-2022-30536 affects WordPress WP Maintenance plugin = 6.0.8 (or later) per Patchstack guidance.