Coming Soon And Maintenance Mode

coming_soon_and_maintenance_mode

Vendor: Wpdevart • 3 CVEs

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-0199 1Wpdevart 1Coming Soon And Maintenance Mode Jun 17, 2026 Feb 21, 2022 N/A· v4 4.3 MEDIUM· v3 4.3 MEDIUM· v2 The Coming soon and Maintenance mode WordPress plugin before 3.6.8 does not have CSRF check in its coming_soon_send_mail AJAX action, allowing attackers to make logged in admin to send arbitrary emails to all subscribed...Show more The Coming soon and Maintenance mode WordPress plugin before 3.6.8 does not have CSRF check in its coming_soon_send_mail AJAX action, allowing attackers to make logged in admin to send arbitrary emails to all subscribed users via a CSRF attackShow less
CVE-2022-0164 1Wpdevart 1Coming Soon And Maintenance Mode Jun 17, 2026 Feb 21, 2022 N/A· v4 4.3 MEDIUM· v3 4.0 MEDIUM· v2 The Coming soon and Maintenance mode WordPress plugin before 3.5.3 does not have authorisation and CSRF checks in its coming_soon_send_mail AJAX action, allowing any authenticated users, with a role as low as subscriber...Show more The Coming soon and Maintenance mode WordPress plugin before 3.5.3 does not have authorisation and CSRF checks in its coming_soon_send_mail AJAX action, allowing any authenticated users, with a role as low as subscriber to send arbitrary emails to all subscribed usersShow less
CVE-2021-24577 1Wpdevart 1Coming Soon And Maintenance Mode Jun 17, 2026 Oct 11, 2021 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 The Coming soon and Maintenance mode WordPress plugin before 3.5.3 does not properly sanitize inputs submitted by authenticated users when setting adding or modifying coming soon or maintenance mode pages, leading to sto...Show more The Coming soon and Maintenance mode WordPress plugin before 3.5.3 does not properly sanitize inputs submitted by authenticated users when setting adding or modifying coming soon or maintenance mode pages, leading to stored XSS.Show less