Vulnerabilities > Webfactoryltd > Minimal Coming Soon Maintenance Mode > High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-01-09	CVE-2020-6168	Missing Authorization vulnerability in Webfactoryltd Minimal Coming Soon & Maintenance Mode A flaw in the WordPress plugin, Minimal Coming Soon & Maintenance Mode through 2.10, allows authenticated users with basic access to enable and disable maintenance-mode settings (impacting the availability and confidentiality of a vulnerable site, along with the integrity of the setting). network low complexity webfactoryltd CWE-862	7.6
2020-01-09	CVE-2020-6167	Cross-Site Request Forgery (CSRF) vulnerability in Webfactoryltd Minimal Coming Soon & Maintenance Mode A flaw in the WordPress plugin, Minimal Coming Soon & Maintenance Mode through 2.10, allows a CSRF attack to enable maintenance mode, inject XSS, modify several important settings, or include remote files as a logo. network low complexity webfactoryltd CWE-352	8.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.