ByteOS Network

ilyasine

Source -

CNA

BOS Name -

N/A

CNA CVEs -

ADP CVEs -

CISA CVEs -

NVD CVEs -

2Vulnerabilities found

CVE-2024-9503

Assigner-Wordfence

View Details

Assigner-Wordfence

CVSS Score-4.3||MEDIUM

EPSS-0.14% / 33.23%

7 Day CHG~0.00%

Published-20 Dec, 2024 | 06:59

Updated-15 Apr, 2026 | 00:35

Maintenance & Coming Soon Redirect Animation <= 2.1.3 - Missing Authorization to Settings Update

The Maintenance & Coming Soon Redirect Animation plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wploti_add_whitelisted_roles_option', 'wploti_remove_whitelisted_roles_option', 'wploti_add_whitelisted_users_option', 'wploti_remove_whitelisted_users_option', and 'wploti_uploaded_animation_save_option' functions in all versions up to, and including, 2.1.3. This makes it possible for authenticated attackers, with Subscriber-level access and above, to modify certain plugin settings.

Vendor-ilyasine

Product-Maintenance & Coming Soon Redirect Animation

CWE ID-CWE-284

Improper Access Control

CVE-2024-43944

Assigner-Patchstack

View Details

Assigner-Patchstack

CVSS Score-Not Assigned

EPSS-0.10% / 28.02%

7 Day CHG~0.00%

Published-29 Aug, 2024 | 15:16

Updated-15 Apr, 2026 | 00:35

WordPress Maintenance & Coming Soon Redirect Animation plugin <= 2.3.3 - Bypass Vulnerability vulnerability

Authentication Bypass by Spoofing vulnerability in ilyasine Maintenance & Coming Soon Redirect Animation maintenance-coming-soon-redirect-animation allows Identity Spoofing.This issue affects Maintenance & Coming Soon Redirect Animation: from n/a through <= 2.3.3.

Vendor-ilyasine

Product-Maintenance & Coming Soon Redirect Animation

CWE ID-CWE-290

Authentication Bypass by Spoofing