Skip to main content

Wp Maintenance Mode

3 CVEs product

Monthly

CVE-2018-20156 HIGH This Week

The WP Maintenance Mode plugin before 2.0.7 for WordPress allows remote authenticated "site administrator" users to execute arbitrary PHP code throughout a multisite network. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress RCE PHP Wp Maintenance Mode
NVD
CVSS 3.0
7.2
EPSS
1.5%
CVE-2018-20155 MEDIUM This Month

The WP Maintenance Mode plugin before 2.0.7 for WordPress allows remote authenticated subscriber users to bypass intended access restrictions on changes to plugin settings. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass WordPress Wp Maintenance Mode
NVD
CVSS 3.0
4.3
EPSS
0.8%
CVE-2018-20154 MEDIUM This Month

The WP Maintenance Mode plugin before 2.0.7 for WordPress allows remote authenticated users to discover all subscriber e-mail addresses. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress Information Disclosure Wp Maintenance Mode
NVD
CVSS 3.0
4.3
EPSS
1.0%
EPSS 2% CVSS 7.2
HIGH This Week

The WP Maintenance Mode plugin before 2.0.7 for WordPress allows remote authenticated "site administrator" users to execute arbitrary PHP code throughout a multisite network. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress RCE PHP +1
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

The WP Maintenance Mode plugin before 2.0.7 for WordPress allows remote authenticated subscriber users to bypass intended access restrictions on changes to plugin settings. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass WordPress Wp Maintenance Mode
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

The WP Maintenance Mode plugin before 2.0.7 for WordPress allows remote authenticated users to discover all subscriber e-mail addresses. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress Information Disclosure Wp Maintenance Mode
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy