Coming Soon And Maintenance Mode
Approved changes feed: RSS · Atom
cpe:2.3:a:wpdevart:coming_soon_and_maintenance_mode:*:*:*:*:*:wordpress:*:*
part: a version: * update: *
| Vendor | Wpdevart (62458400-5314-5c71-819c-4b29c90460da) |
|---|---|
| Product | Coming Soon And Maintenance Mode (e1930023-1f40-5f3f-a2d2-01fefec1b641) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | wordpress |
| Target hardware | * |
| Other | * |
| Notes | Imported from purl2cpe mapping |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:github/wp-plugins/coming-soon-page |
purl2cpe | 2026-06-01 10:15:28.131407 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2022-0199 |
vulnerable | 2026-06-03 14:45:55.646904 |
Coming soon and Maintenance mode < 3.6.8 - Arbitrary Email Sending to Subscribed Users via CSRF
The Coming soon and Maintenance mode WordPress plugin before 3.6.8 does not have CSRF check in its coming_soon_send_mail AJAX action, allowing attackers to make logged in admin to send arbitrary emails to all subscribed users via a CSRF attack
Published: 2022-02-21T10:46:04.000Z
Updated: 2024-08-02T23:18:42.523Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-0164 |
vulnerable | 2026-06-03 14:45:55.559938 |
Coming soon and Maintenance mode < 3.6.7 - Subscriber+ Arbitrary Email Sending to Subscribed Users
The Coming soon and Maintenance mode WordPress plugin before 3.5.3 does not have authorisation and CSRF checks in its coming_soon_send_mail AJAX action, allowing any authenticated users, with a role as low as subscriber to send arbitrary emails to all subscribed users
Published: 2022-02-21T10:46:00.000Z
Updated: 2024-08-02T23:18:42.067Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-24577 |
vulnerable | 2026-06-03 14:43:57.505366 |
Coming Soon and Maintenance Mode < 3.5.3 - Authenticated Stored XSS
The Coming soon and Maintenance mode WordPress plugin before 3.5.3 does not properly sanitize inputs submitted by authenticated users when setting adding or modifying coming soon or maintenance mode pages, leading to stored XSS.
Published: 2021-10-11T10:45:33.000Z
Updated: 2024-08-03T19:35:20.255Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.