cleantalk
Vulnerabilities and Security Researches

Vulnerabilities and security researches forresponsive-coming-soon responsive-coming-soon

Direction: ascending
Jun 10, 2024

Coming Soon Page & Maintenance Mode # CVE-2019-25139

CVE, Research URL

CVE-2019-25139

Home page URL

Security reports for Coming Soon Page & Maintenance Mode

Application

Coming Soon Page & Maintenance Mode

Date
Jun 07, 2023
Research Description
The Coming Soon Page & Maintenance Mode plugin for WordPress is vulnerable to unauthenticated settings reset in versions up to, and including 1.8.1 due to missing capability checks in the ~/functions/data-reset-post.php file which makes it possible for unauthenticated attackers to trigger a plugin settings reset.
Affected versions
Min -, max -.
Status
vulnerable

Coming Soon Page & Maintenance Mode # CVE-2019-25140

CVE, Research URL

CVE-2019-25140

Home page URL

Security reports for Coming Soon Page & Maintenance Mode

Application

Coming Soon Page & Maintenance Mode

Date
Jun 07, 2023
Research Description
The WordPress Coming Soon Page & Maintenance Mode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the logo_width, logo_height, rcsp_logo_url, home_sec_link_txt, rcsp_headline and rcsp_description parameters in versions up to, and including, 1.8.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Affected versions
Min -, max -.
Status
vulnerable

Coming Soon Page & Maintenance Mode # CVE-2024-1136

CVE, Research URL

CVE-2024-1136

Home page URL

Security reports for Coming Soon Page & Maintenance Mode

Application

Coming Soon Page & Maintenance Mode

Date
Feb 28, 2024
Research Description
The Coming Soon Page & Maintenance Mode plugin for WordPress is vulnerable to unauthorized access of data due to an improperly implemented URL check in the wpsm_coming_soon_redirect function in all versions up to, and including, 2.2.1. This makes it possible for unauthenticated attackers to view a site with maintenance mode or coming-soon mode enabled to view the site's content.
Affected versions
Min -, max -.
Status
vulnerable
Jun 11, 2024

Coming Soon Page & Maintenance Mode # fd9c668cc0f17388cd919046a5f290722fd40062

CVE, Research URL

fd9c668cc0f17388cd919046a5f290722fd40062

Home page URL

Security reports for Coming Soon Page & Maintenance Mode

Application

Coming Soon Page & Maintenance Mode

Date
Jul 17, 2019
Research Description
Coming Soon Page &amp; Maintenance Mode [responsive-coming-soon] < 1.8.2 (closed) Coming Soon Page & Maintenance Mode <= 1.8.1 - Unauthenticated Settings Reset The Coming Soon Page & Maintenance Mode plugin for WordPress is vulnerable to unauthenticated settings reset in versions up to, and including 1.8.1 due to missing capability checks in the ~/functions/data-reset-post.php file which makes it possible for unauthenticated attackers to trigger a plugin settings reset.
Affected versions
Min -, max -.
Status
vulnerable