VYPR

WP Maintenance Mode & Site Under Construction

by WordPress

CVEs (2)

  • CVE-2021-24191HigMay 14, 2021
    risk 0.57cvss 8.8epss 0.01

    Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the WP Maintenance Mode & Site Under Construction WordPress plugin before 1.8.2, to install any plugin (including a specific version) from the WordPress repository, as well as activate…

  • CVE-2025-49284MedJun 6, 2025
    risk 0.28cvss 4.3epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in wp-buy WP Maintenance Mode & Site Under Construction wp-maintenance-mode-site-under-construction allows Cross Site Request Forgery.This issue affects WP Maintenance Mode & Site Under Construction: from n/a through <= 4.3.