Minimal%20Coming%20Soon%20%E2%80%93%20Coming%20Soon%20Page Details

Minimal Coming Soon – Coming Soon Page

Source -

CNA

CNA CVEs -

ADP CVEs -

CISA CVEs -

NVD CVEs -

2Vulnerabilities found

CVE-2024-5087

Assigner-Wordfence

View Details

Assigner-Wordfence

CVSS Score-6.3||MEDIUM

EPSS-0.17% / 38.78%

7 Day CHG~0.00%

Published-08 Jun, 2024 | 05:44

Updated-31 Oct, 2024 | 18:26

Minimal Coming Soon – Coming Soon Page <= 2.38 - Missing Authorization to Limited Settings Change

The Minimal Coming Soon – Coming Soon Page plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the validate_ajax, deactivate_ajax, and save_ajax functions in all versions up to, and including, 2.38. This makes it possible for authenticated attackers, with Subscriber-level access and above, to edit the license key, which could disable features of the plugin.

Vendor-webfactoryltd webfactory

Product-minimal_coming_soon_\&_maintenance_mode Minimal Coming Soon – Coming Soon Page

CWE ID-CWE-862

Missing Authorization

CVE-2024-1075

Assigner-Wordfence

View Details

Assigner-Wordfence

CVSS Score-3.7||LOW

EPSS-0.66% / 70.06%

7 Day CHG~0.00%

Published-05 Feb, 2024 | 21:21

Updated-01 Aug, 2024 | 18:26

The Minimal Coming Soon – Coming Soon Page plugin for WordPress is vulnerable to maintenance mode bypass and information disclosure in all versions up to, and including, 2.37. This is due to the plugin improperly validating the request path. This makes it possible for unauthenticated attackers to bypass maintenance mode and view pages that should be hidden.

Vendor-webfactoryltd webfactory

Product-minimal_coming_soon_\&_maintenance_mode Minimal Coming Soon – Coming Soon Page