Vulnerabilities > Niteothemes > CMP > 3.7.2.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-09 | CVE-2023-2159 | Unspecified vulnerability in Niteothemes CMP The CMP – Coming Soon & Maintenance plugin for WordPress is vulnerable to Maintenance Mode Bypass in versions up to, and including, 4.1.7. | 5.3 |
| 2023-06-07 | CVE-2020-36730 | Missing Authorization vulnerability in Niteothemes CMP The CMP for WordPress is vulnerable to authorization bypass due to a missing capability check on the cmp_get_post_detail(), niteo_export_csv(), and cmp_disable_comingsoon_ajax() functions in versions up to, and including, 3.8.1. | 9.3 |
| 2022-02-14 | CVE-2022-0188 | Missing Authentication for Critical Function vulnerability in Niteothemes CMP The CMP WordPress plugin before 4.0.19 allows any user, even not logged in, to arbitrarily change the coming soon page layout. | 5.3 |