CVEs (3)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Wp Maintenance Project 1Wp Maintenance Jun 17, 2026 Jul 21, 2022 N/A· v4 4.8 MEDIUM· v3 N/A· v2 Authenticated Stored Cross-Site Scripting (XSS) vulnerability in Florent Maillefaud's WP Maintenance plugin <= 6.0.7 at WordPress. |
1Wp Maintenance Project 1Wp Maintenance Jun 17, 2026 Apr 15, 2022 N/A· v4 4.8 MEDIUM· v3 3.5 LOW· v2 Authenticated (admin+) Stored Cross-Site Scripting (XSS) in WP Maintenance plugin <= 6.0.7 versions. |
1Wp Maintenance Project 1Wp Maintenance Jun 17, 2026 Dec 26, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 A flaw in the WordPress plugin, WP Maintenance before 5.0.6, allowed attackers to enable a vulnerable site's maintenance mode and inject malicious code affecting site visitors. There was CSRF with resultant XSS. |