Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
niteothemes cmp vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv3
CVE-2020-36730
The CMP for WordPress is vulnerable to authorization bypass due to a missing capability check on the cmp_get_post_detail(), niteo_export_csv(), and cmp_disable_comingsoon_ajax() functions in versions up to, and including, 3.8.1. This makes it possible for unauthenticated maliciou...
Niteothemes Cmp
1 Github repository
5.3
CVSSv3
CVE-2023-2159
The CMP – Coming Soon & Maintenance plugin for WordPress is vulnerable to Maintenance Mode Bypass in versions up to, and including, 4.1.7. A correct cmp_bypass GET parameter in the URL (equal to the md5-hashed home_url in the default setting) allows users to visit a sit...
Niteothemes Cmp
5.3
CVSSv3
CVE-2022-0188
The CMP WordPress plugin prior to 4.0.19 allows any user, even not logged in, to arbitrarily change the coming soon page layout.
Niteothemes Cmp
5.3
CVSSv3
CVE-2023-1263
The CMP – Coming Soon & Maintenance plugin for WordPress is vulnerable to Information Exposure in versions up to, and including, 4.1.6 via the cmp_get_post_detail function. This can allow unauthenticated individuals to obtain the contents of any non-password-protected, ...
Niteothemes Coming Soon \\& Maintenance
NA
CVE-2023-50374
Server-Side Request Forgery (SSRF) vulnerability in NiteoThemes CMP – Coming Soon & Maintenance.This issue affects CMP – Coming Soon & Maintenance: from n/a up to and including 4.1.10.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started