Medium severity5.3NVD Advisory· Published Mar 7, 2023· Updated Apr 8, 2026

CVE-2023-1263

Description

The CMP – Coming Soon & Maintenance plugin for WordPress is vulnerable to Information Exposure in versions up to, and including, 4.1.6 via the cmp_get_post_detail function. This can allow unauthenticated individuals to obtain the contents of any non-password-protected, published post or page even when maintenance mode is enabled.

Affected products

Niteothemes/Coming Soon \& Maintenance
cpe:2.3:a:niteothemes:coming_soon_\&_maintenance:*:*:*:*:*:wordpress:*:*
Range: <=4.1.6

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

plugins.trac.wordpress.org/browser/cmp-coming-soon-maintenance/tags/4.1.6/niteo-cmp.phpnvdPatch
www.wordfence.com/threat-intel/vulnerabilities/id/e01b4259-ed8d-44a4-9771-470de45b14a8nvdThird Party Advisory
www.wordfence.com/threat-intel/vulnerabilities/id/e01b4259-ed8d-44a4-9771-470de45b14a8nvd

News mentions

No linked articles in our index yet.

cvss	0.345
epss	0.018
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000