Under Construction / Maintenance Mode

under_construction_/_maintenance_mode

Vendor: Acurax • 4 CVEs

CVEs (4)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-35749 1Acurax 1Under Construction / Maintenance Mode Nov 21, 2024 Jun 10, 2024 N/A· v4 5.3 MEDIUM· v3 N/A· v2 Authentication Bypass by Spoofing vulnerability in Acurax Under Construction / Maintenance Mode from Acurax allows Authentication Bypass.This issue affects Under Construction / Maintenance Mode from Acurax: from n/a thro...Show more Authentication Bypass by Spoofing vulnerability in Acurax Under Construction / Maintenance Mode from Acurax allows Authentication Bypass.This issue affects Under Construction / Maintenance Mode from Acurax: from n/a through 2.6.Show less
CVE-2024-1476 1Acurax 1Under Construction / Maintenance Mode Apr 8, 2026 Feb 28, 2024 N/A· v4 5.3 MEDIUM· v3 N/A· v2 The Under Construction / Maintenance Mode from Acurax plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.6 via the REST API. This makes it possible for unauthenti...Show more The Under Construction / Maintenance Mode from Acurax plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.6 via the REST API. This makes it possible for unauthenticated attackers to obtain the contents of posts and pages when maintenance mode is active thus bypassing the protection provided by the plugin.Show less
CVE-2023-6922 1Acurax 1Under Construction / Maintenance Mode Apr 8, 2026 Feb 28, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 The Under Construction / Maintenance Mode from Acurax plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 2.6 via the 'acx_csma_subscribe_ajax' function. This can allow...Show more The Under Construction / Maintenance Mode from Acurax plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 2.6 via the 'acx_csma_subscribe_ajax' function. This can allow authenticated attackers to extract sensitive data such as names and email addresses of subscribed visitors.Show less
CVE-2023-39926 1Acurax 1Under Construction / Maintenance Mode Nov 21, 2024 Nov 16, 2023 N/A· v4 6.1 MEDIUM· v3 N/A· v2 Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Acurax Under Construction / Maintenance Mode from Acurax plugin <= 2.6 versions.