Vulnerabilities > CVE-2022-1576 - Unspecified vulnerability in Themeisle WP Maintenance Mode & Coming Soon

CVSS 6.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

HIGH

Availability impact

NONE

network

low complexity

themeisle

NVD

Published: 2022-07-11

Updated: 2024-11-21

Summary

The WP Maintenance Mode & Coming Soon WordPress plugin before 2.4.5 is lacking CSRF when emptying the subscribed users list, which could allow attackers to make a logged in admin perform such action via a CSRF attack

Vulnerable Configurations

Part	Description	Count
Application	Themeisle Themeisle WP Maintenance Mode & Coming Soon 2.2.2 Themeisle WP Maintenance Mode & Coming Soon 2.2.3 Themeisle WP Maintenance Mode & Coming Soon 2.2.4 Themeisle WP Maintenance Mode & Coming Soon 2.3.0 Themeisle WP Maintenance Mode & Coming Soon 2.4.0 Themeisle WP Maintenance Mode & Coming Soon 2.4.1 Themeisle WP Maintenance Mode & Coming Soon 2.4.2 Themeisle WP Maintenance Mode & Coming Soon 2.4.3 Themeisle WP Maintenance Mode & Coming Soon 2.4.4	9

Summary

Vulnerable Configurations

References