Описание
The CMP – Coming Soon & Maintenance plugin for WordPress is vulnerable to Information Exposure in versions up to, and including, 4.1.6 via the cmp_get_post_detail function. This can allow unauthenticated individuals to obtain the contents of any non-password-protected, published post or page even when maintenance mode is enabled.
Ссылки
- Patch
- Third Party Advisory
- Patch
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 4.1.6 (включая)
cpe:2.3:a:niteothemes:coming_soon_\&_maintenance:*:*:*:*:*:wordpress:*:*
EPSS
Процентиль: 94%
0.14299
Средний
5.3 Medium
CVSS3
Дефекты
CWE-200
Связанные уязвимости
CVSS3: 5.3
github
больше 2 лет назад
The CMP – Coming Soon & Maintenance plugin for WordPress is vulnerable to Information Exposure in versions up to, and including, 4.1.6 via the cmp_get_post_detail function. This can allow unauthenticated individuals to obtain the contents of any non-password-protected, published post or page even when maintenance mode is enabled.
EPSS
Процентиль: 94%
0.14299
Средний
5.3 Medium
CVSS3
Дефекты
CWE-200