The Minimal Coming Soon – Coming Soon Page plugin for WordPress is vulnerable to maintenance mode bypass and information disclosure in all versions up to, and including, 2.37. This is due to the plugin improperly validating the request path. This makes it possible for unauthenticated attackers to bypass maintenance mode and view pages that should be hidden.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: Wordfence
Published: 2024-02-05T21:21:50.435Z
Updated: 2024-07-05T17:21:34.056Z
Reserved: 2024-01-30T16:21:06.947Z
Link: CVE-2024-1075
JSON object: View
NVD Information
Status : Analyzed
Published: 2024-02-05T22:16:07.283
Modified: 2024-02-13T19:43:13.480
Link: CVE-2024-1075
JSON object: View
Redhat Information
No data.
CWE