Coming Soon Page Under Construction Maintenance Mode By Seedprod
Monthly
Server-side request forgery in SeedProd Coming Soon Page plugin versions through 6.19.8 allows high-privilege authenticated attackers to make arbitrary HTTP requests from the vulnerable WordPress server, potentially accessing internal resources, cloud metadata endpoints, or other services restricted to the server's network. The CVSS 5.5 score and low EPSS percentile (4%) reflect the requirement for administrative credentials, limiting real-world exploitability despite confirmed network accessibility.
Server-side request forgery in SeedProd Coming Soon Page plugin versions through 6.19.8 allows high-privilege authenticated attackers to make arbitrary HTTP requests from the vulnerable WordPress server, potentially accessing internal resources, cloud metadata endpoints, or other services restricted to the server's network. The CVSS 5.5 score and low EPSS percentile (4%) reflect the requirement for administrative credentials, limiting real-world exploitability despite confirmed network accessibility.