Skip to main content

Cmp

2 CVEs product

Monthly

CVE-2023-2159 MEDIUM POC PATCH This Month

The CMP - Coming Soon & Maintenance plugin for WordPress is vulnerable to Maintenance Mode Bypass in versions up to, and including, 4.1.7. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

WordPress Authentication Bypass Cmp
NVD VulDB
CVSS 3.1
5.3
EPSS
0.1%
CVE-2020-36730 HIGH POC THREAT Act Now

The CMP for WordPress is vulnerable to authorization bypass due to a missing capability check on the cmp_get_post_detail(), niteo_export_csv(), and cmp_disable_comingsoon_ajax() functions in versions. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 46.4%.

WordPress Authentication Bypass Cmp
NVD WPScan
CVSS 3.1
8.3
EPSS
46.4%
Threat
4.6
EPSS 0% CVSS 5.3
MEDIUM POC PATCH This Month

The CMP - Coming Soon & Maintenance plugin for WordPress is vulnerable to Maintenance Mode Bypass in versions up to, and including, 4.1.7. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

WordPress Authentication Bypass Cmp
NVD VulDB
EPSS 46% 4.6 CVSS 8.3
HIGH POC THREAT Act Now

The CMP for WordPress is vulnerable to authorization bypass due to a missing capability check on the cmp_get_post_detail(), niteo_export_csv(), and cmp_disable_comingsoon_ajax() functions in versions. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 46.4%.

WordPress Authentication Bypass Cmp
NVD WPScan

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy