Home
Bugtraq
Full List
Only Bugs
Only Tricks
Only Exploits
Only Dorks
Only CVE
Only CWE
Fake Notes
Ranking
CVEMAP
Full List
Show Vendors
Show Products
CWE Dictionary
Check CVE Id
Check CWE Id
Search
Bugtraq
CVEMAP
By author
CVE Id
CWE Id
By vendors
By products
RSS
Bugtraq
CVEMAP
CVE Products
Bugs
Exploits
Dorks
More
cIFrex
Facebook
Twitter
Donate
About
Submit
Vulnerabilities for
'Coming soon and maintenance mode'
2022-02-21
CVE-2022-0164
CWE-863
The Coming soon and Maintenance mode WordPress plugin before 3.6.8 does not have authorisation and CSRF checks in its coming_soon_send_mail AJAX action, allowing any authenticated users, with a role as low as subscriber to send arbitrary emails to all subscribed users
CVE-2022-0199
CWE-352
The Coming soon and Maintenance mode WordPress plugin before 3.6.8 does not have CSRF check in its coming_soon_send_mail AJAX action, allowing attackers to make logged in admin to send arbitrary emails to all subscribed users via a CSRF attack
2021-10-11
CVE-2021-24577
CWE-79
The Coming soon and Maintenance mode WordPress plugin before 3.5.3 does not properly sanitize inputs submitted by authenticated users when setting adding or modifying coming soon or maintenance mode pages, leading to stored XSS.
>>>
Vendor:
Wpdevart
10
Products
Responsive image gallery gallery album
Booking calendar
Poll\, survey\, questionnaire and voting system
Youtube embed\, playlist and popup
Countdown and countup\, woocommerce sales timer
Coming soon and maintenance mode
Duplicate page or post
Pricing table builder
Social comments
Gallery
Copyright
2024
, cxsecurity.com
Back to Top
Vulnerabilities for 