ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Maintenance Mode Plugin <= 2.0.6 - Missing Settings Authorization

Product
Maintenance Mode
Description
This plugin is prone to a missing settings authorization vulnerability.
Solution
Upgrade the plugin.
Classification
Type BYPASS
OWASP Top 10 A2: Broken Authentication and Session Management
References
Wordfence
CVE
Name CVE-N/A
Versions
Affected In <= 2.0.6
Fixed In 2.0.7
Disclosure date
2016-07-06
Submitter
ThreatPress