Vulnerabilities > Designmodo > WP Maintenance Mode > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-12-14 CVE-2018-20155 Missing Authorization vulnerability in Designmodo WP Maintenance Mode
The WP Maintenance Mode plugin before 2.0.7 for WordPress allows remote authenticated subscriber users to bypass intended access restrictions on changes to plugin settings.
network
low complexity
designmodo CWE-862
4.3
4.3
2018-12-14 CVE-2018-20154 Information Exposure vulnerability in Designmodo WP Maintenance Mode
The WP Maintenance Mode plugin before 2.0.7 for WordPress allows remote authenticated users to discover all subscriber e-mail addresses.
network
low complexity
designmodo CWE-200
4.3
4.3