Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total2

Critical0

High1

Medium1

Search Severity Year Type Sort Order

Reset

Showing 1-2 of 2 records

Threat Entry Updated 2025-02-07

CVE-2024-1136 - Coming Soon Page Maintenance Mode Plugin

The Coming Soon Page & Maintenance Mode plugin for WordPress is vulnerable to unauthorized access of data due to an improperly implemented URL check in the wpsm_coming_soon_redirect function in all versions up to, and including, 2.2.1. This makes it possible for unauthenticated attackers to view a site with maintenance mode or coming-soon mode enabled to view the site's content.

PLUGIN Coming Soon Page Maintenance Mode

CVE-2024-1136

MEDIUM CVSS 5.3 2024-02-28

Risk Score

Open Full Technical Breakdown

Threat Entry Updated 2024-11-21

CVE-2021-24191 - Coming Soon Page Maintenance Mode Plugin

Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the WP Maintenance Mode & Site Under Construction WordPress plugin before 1.8.2, to install any plugin (including a specific version) from the WordPress repository, as well as activate arbitrary plugin from then blog, which helps attackers install vulnerable plugins and could lead to more critical vulnerabilities like RCE.

PLUGIN Coming Soon Page Maintenance Mode

CVE-2021-24191

HIGH CVSS 8.8 2021-05-14

Risk Score

Open Full Technical Breakdown

Blog

"Prevention is cheaper than a breach"

Threat Database

CVE-2024-1136 - Coming Soon Page Maintenance Mode Plugin

CVE-2021-24191 - Coming Soon Page Maintenance Mode Plugin

Company Links

Contact Us