Calgary, Alberta, Canada
sales@hackhalt.com
Free Download Free Download Free Download
Explore Pricing Explore Pricing Explore Pricing

Blog

"Prevention is cheaper than a breach"

Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total4
Critical0
High1
Medium3
Reset
Showing 1-4 of 4 records
Threat Entry Updated 2025-05-12

CVE-2025-3949 - Maintenance Mode Plugin

The Website Builder by SeedProd — Theme Builder, Landing Page Builder, Coming Soon Page, Maintenance Mode plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'seedprod_lite_get_revisisons' function in all versions up to, and including, 6.18.15. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read the content of arbitrary landing page revisions.

PLUGIN Maintenance Mode

CVE-2025-3949

MEDIUM CVSS 4.3 2025-05-09
Open Full Technical Breakdown
Threat Entry Updated 2025-01-08

CVE-2024-1478 - Maintenance Mode Plugin

The Maintenance Mode plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.5.0 via the REST API. This makes it possible for unauthenticated attackers to obtain post and page content via API thus bypassing the content protection provided by the plugin.

PLUGIN Maintenance Mode

CVE-2024-1478

MEDIUM CVSS 5.3 2024-03-05
Open Full Technical Breakdown
Threat Entry Updated 2025-02-07

CVE-2024-1136 - Maintenance Mode Plugin

The Coming Soon Page & Maintenance Mode plugin for WordPress is vulnerable to unauthorized access of data due to an improperly implemented URL check in the wpsm_coming_soon_redirect function in all versions up to, and including, 2.2.1. This makes it possible for unauthenticated attackers to view a site with maintenance mode or coming-soon mode enabled to view the site's content.

PLUGIN Maintenance Mode

CVE-2024-1136

MEDIUM CVSS 5.3 2024-02-28
Open Full Technical Breakdown
Threat Entry Updated 2024-11-21

CVE-2024-1072 - Maintenance Mode Plugin

The Website Builder by SeedProd — Theme Builder, Landing Page Builder, Coming Soon Page, Maintenance Mode plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the seedprod_lite_new_lpage function in all versions up to, and including, 6.15.21. This makes it possible for unauthenticated attackers to change the contents of coming-soon, maintenance pages, login and 404 pages set up with the plugin. Version 6.15.22 addresses this issue but introduces a bug affecting admin pages. We suggest upgrading to 6.15.23.

PLUGIN Maintenance Mode

CVE-2024-1072

HIGH CVSS 8.2 2024-02-05
Open Full Technical Breakdown
Scroll to top