Freehtmldesigns Site Offline vulnerabilities
3 known vulnerabilities affecting freehtmldesigns/site_offline.
Total CVEs
3
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2022-1580P4MEDIUMCVSS 4.3PoCfixed in 1.5.32022-09-19
CVE-2022-1580 [MEDIUM] CWE-639 CVE-2022-1580: The Site Offline Or Coming Soon Or Maintenance Mode WordPress plugin before 1.5.3 prevents users fro
The Site Offline Or Coming Soon Or Maintenance Mode WordPress plugin before 1.5.3 prevents users from accessing a website but does not do so if the URL contained certain keywords. Adding those keywords to the URL's query string would bypass the plugin's main feature.
nvd
CVE-2020-35773P3HIGHCVSS 8.8fixed in 1.4.42020-12-29
CVE-2020-35773 [HIGH] CWE-352 CVE-2020-35773: The site-offline plugin before 1.4.4 for WordPress lacks certain wp_create_nonce and wp_verify_nonce
The site-offline plugin before 1.4.4 for WordPress lacks certain wp_create_nonce and wp_verify_nonce calls, aka CSRF.
nvd
CVE-2023-49190P4MEDIUMCVSS 4.8≤ 1.5.62023-12-15
CVE-2023-49190 [MEDIUM] CWE-79 CVE-2023-49190: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Chandra Shekhar Sahu Site Offline Or Coming Soon Or Maintenance Mode allows Stored XSS.This issue affects Site Offline Or Coming Soon Or Maintenance Mode: from n/a through 1.5.6.
nvd