Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total3

Critical0

High0

Medium2

Search Severity Year Type Sort Order

Reset

Showing 1-3 of 3 records

Threat Entry Updated 2024-11-21

CVE-2024-0789 - Wp Maintenance Plugin

The WP Maintenance plugin for WordPress is vulnerable to IP Address Spoofing in all versions up to, and including, 6.1.9.2 due to insufficient IP address validation and use of user-supplied HTTP headers as a primary method for IP retrieval. This makes it possible for unauthenticated attackers to bypass maintenance mode.

PLUGIN Wp Maintenance

CVE-2024-0789

MEDIUM CVSS 5.3 2024-06-19

Risk Score

Open Full Technical Breakdown

Threat Entry Updated 2025-02-27

CVE-2024-1472 - Wp Maintenance Plugin

The WP Maintenance plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 6.1.6 via the REST API. This makes it possible for unauthenticated attackers to bypass the plugin's maintenance mode obtain post and page content via REST API.

PLUGIN Wp Maintenance

CVE-2024-1472

MEDIUM CVSS 5.3 2024-02-29

Risk Score

Open Full Technical Breakdown

Threat Entry Updated 2024-11-21

CVE-2022-30536 - Wp Maintenance Plugin

Authenticated Stored Cross-Site Scripting (XSS) vulnerability in Florent Maillefaud's WP Maintenance plugin

PLUGIN Wp Maintenance

CVE-2022-30536

LOW CVSS 3.4 2022-07-21

Risk Score

Open Full Technical Breakdown

Blog

"Prevention is cheaper than a breach"

Threat Database

CVE-2024-0789 - Wp Maintenance Plugin

CVE-2024-1472 - Wp Maintenance Plugin

CVE-2022-30536 - Wp Maintenance Plugin

Company Links

Contact Us