RSS   Vulnerabilities for
'Minimal coming soon \& maintenance mode'
   RSS

2020-01-09
 
CVE-2020-6168

CWE-732
 

 
A flaw in the WordPress plugin, Minimal Coming Soon & Maintenance Mode through 2.10, allows authenticated users with basic access to enable and disable maintenance-mode settings (impacting the availability and confidentiality of a vulnerable site, along with the integrity of the setting).

 
 
CVE-2020-6167

CWE-352
 

 
A flaw in the WordPress plugin, Minimal Coming Soon & Maintenance Mode through 2.10, allows a CSRF attack to enable maintenance mode, inject XSS, modify several important settings, or include remote files as a logo.

 
 
CVE-2020-6166

CWE-276
 

 
A flaw in the WordPress plugin, Minimal Coming Soon & Maintenance Mode through 2.15, allows authenticated users with basic access to export settings and change maintenance-mode themes.

 

 >>> Vendor: Webfactoryltd 6 Products
301 redirects
Minimal coming soon \& maintenance mode
Wp database reset
Wp reset
Maintenance
Wp reset pro


Copyright 2024, cxsecurity.com

 

Back to Top