The WP Maintenance Mode plugin before 2.0.7 for WordPress allows remote authenticated subscriber users to bypass intended access restrictions on changes to plugin settings.
References
Link | Resource |
---|---|
https://www.wordfence.com/blog/2016/07/3-vulnerabilities-wp-maintenance-mode/ | Third Party Advisory |
Configurations
History
No history.
Information
Published : 2018-12-14 22:29
Updated : 2024-02-04 20:03
NVD link : CVE-2018-20155
Mitre link : CVE-2018-20155
CVE.ORG link : CVE-2018-20155
JSON object : View
Products Affected
designmodo
- wp_maintenance_mode
CWE
CWE-862
Missing Authorization