Vulnerabilities (CVE)

Filtered by vendor Wp Maintenance Project Subscribe
Filtered by product Wp Maintenance
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-30536 1 Wp Maintenance Project 1 Wp Maintenance 2024-11-21 N/A 3.4 LOW
Authenticated Stored Cross-Site Scripting (XSS) vulnerability in Florent Maillefaud's WP Maintenance plugin <= 6.0.7 at WordPress.
CVE-2021-36828 1 Wp Maintenance Project 1 Wp Maintenance 2024-11-21 3.5 LOW 4.8 MEDIUM
Authenticated (admin+) Stored Cross-Site Scripting (XSS) in WP Maintenance plugin <= 6.0.7 versions.
CVE-2019-19979 1 Wp Maintenance Project 1 Wp Maintenance 2024-11-21 6.8 MEDIUM 8.8 HIGH
A flaw in the WordPress plugin, WP Maintenance before 5.0.6, allowed attackers to enable a vulnerable site's maintenance mode and inject malicious code affecting site visitors. There was CSRF with resultant XSS.