cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2023-2159,https://securityvulnerability.io/vulnerability/CVE-2023-2159,Maintenance Mode Bypass Vulnerability in CMP Plugin for WordPress,"The CMP – Coming Soon & Maintenance plugin for WordPress contains a vulnerability that allows unauthorized users to bypass maintenance mode. This occurs through the misuse of the 'cmp_bypass' GET parameter, which matches a specific md5-hashed home URL. Consequently, this flaw permits access to websites that are supposed to be restricted during maintenance, potentially exposing sensitive data or functionality to unauthorized visitors.",Wordpress,CMP – Coming Soon & Maintenance Plugin by NiteoThemes,5.3,MEDIUM,0.0011500000255182385,false,,false,false,false,,false,false,2023-06-09T06:16:00.000Z,0
CVE-2020-36730,https://securityvulnerability.io/vulnerability/CVE-2020-36730,Authorization Bypass in CMP for WordPress by NiteoThemes,"The CMP plugin for WordPress, developed by NiteoThemes, is vulnerable to authorization bypass due to missing capability checks in several functions. This flaw allows unauthenticated attackers to potentially access sensitive information, such as reading posts and exporting subscriber lists, as well as disabling the plugin altogether. As a result, the security integrity of websites using versions up to 3.8.1 is compromised, leading to significant risks if not addressed.",Wordpress,Cmp – Coming Soon & Maintenance Plugin By Niteothemes,8.3,HIGH,0.002570000011473894,false,,false,false,true,true,false,false,2023-06-07T01:51:52.111Z,0
CVE-2023-1263,https://securityvulnerability.io/vulnerability/CVE-2023-1263,Information Exposure Vulnerability in CMP – Coming Soon & Maintenance Plugin for WordPress,"The CMP – Coming Soon & Maintenance plugin for WordPress contains a vulnerability that allows unauthorized individuals to access the contents of any non-password-protected, published post or page. This issue arises from the cmp_get_post_detail function, which fails to properly restrict access, even when the site is in maintenance mode. Consequently, sensitive information could be exposed to the public, raising serious security concerns for website administrators.",Wordpress,CMP – Coming Soon & Maintenance Plugin by NiteoThemes,5.3,MEDIUM,0.0022799998987466097,false,,false,false,false,,false,false,2023-03-07T22:15:00.000Z,0