Vulnerability in Minimal Coming Soon & Maintenance Mode Plugin Allows Unauthorized Access to Maintenance Mode Settings

Vulnerability in Minimal Coming Soon & Maintenance Mode Plugin Allows Unauthorized Access to Maintenance Mode Settings

CVE-2020-6168 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H

A flaw in the WordPress plugin, Minimal Coming Soon & Maintenance Mode through 2.10, allows authenticated users with basic access to enable and disable maintenance-mode settings (impacting the availability and confidentiality of a vulnerable site, along with the integrity of the setting).

Learn more about our Wordpress Pen Testing.