Calgary, Alberta, Canada
sales@hackhalt.com
Free Download Free Download Free Download
Explore Pricing Explore Pricing Explore Pricing

Blog

"Prevention is cheaper than a breach"

Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total2
Critical0
High0
Medium2
Reset
Showing 1-2 of 2 records
Threat Entry Updated 2025-03-05

CVE-2024-1462 - Maintenance Page Plugin

The Maintenance Page plugin for WordPress is vulnerable to Basic Information Exposure in all versions up to, and including, 1.0.8 via the REST API. This makes it possible for unauthenticated attackers to view post titles and content when the site is in maintenance mode.

PLUGIN Maintenance Page

CVE-2024-1462

MEDIUM CVSS 5.3 2024-03-13
Open Full Technical Breakdown
Threat Entry Updated 2025-03-05

CVE-2024-1370 - Maintenance Page Plugin

The Maintenance Page plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the subscribe_download function hooked via AJAX action in all versions up to, and including, 1.0.8. This makes it possible for authenticated attackers, with subscriber access or higher, to download a csv containing subscriber emails.

PLUGIN Maintenance Page

CVE-2024-1370

MEDIUM CVSS 5.3 2024-03-13
Open Full Technical Breakdown
Scroll to top