Vulnerabilities (CVE)

Filtered by vendor Freehtmldesigns Subscribe
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-49190 1 Freehtmldesigns 1 Site Offline 2024-02-28 N/A 4.8 MEDIUM
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Chandra Shekhar Sahu Site Offline Or Coming Soon Or Maintenance Mode allows Stored XSS.This issue affects Site Offline Or Coming Soon Or Maintenance Mode: from n/a through 1.5.6.
CVE-2022-1580 1 Freehtmldesigns 1 Site Offline 2024-02-28 N/A 4.3 MEDIUM
The Site Offline Or Coming Soon Or Maintenance Mode WordPress plugin before 1.5.3 prevents users from accessing a website but does not do so if the URL contained certain keywords. Adding those keywords to the URL's query string would bypass the plugin's main feature.
CVE-2020-35773 1 Freehtmldesigns 1 Site Offline 2024-02-28 6.8 MEDIUM 8.8 HIGH
The site-offline plugin before 1.4.4 for WordPress lacks certain wp_create_nonce and wp_verify_nonce calls, aka CSRF.