VYPR

Cmp

by Niteothemes

Source repositories

CVEs (5)

  • CVE-2025-32118CriApr 4, 2025
    risk 0.59cvss 9.1epss 0.01

    Unrestricted Upload of File with Dangerous Type vulnerability in NiteoThemes CMP – Coming Soon & Maintenance cmp-coming-soon-maintenance allows Using Malicious Files.This issue affects CMP – Coming Soon & Maintenance: from n/a through <= 4.1.14.

  • CVE-2020-36730HigJun 7, 2023
    risk 0.58cvss 8.3epss 0.02

    The CMP for WordPress is vulnerable to authorization bypass due to a missing capability check on the cmp_get_post_detail(), niteo_export_csv(), and cmp_disable_comingsoon_ajax() functions in versions up to, and including, 3.8.1. This makes it possible for unauthenticated…

  • CVE-2025-62920MedOct 27, 2025
    risk 0.38cvss 5.9epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webnique USERCENTRICS CMP usercentrics-consent-management-platform allows Stored XSS.This issue affects USERCENTRICS CMP: from n/a through <= 1.0.9.

  • CVE-2023-2159MedJun 9, 2023
    risk 0.27cvss 5.3epss 0.01

    The CMP – Coming Soon & Maintenance plugin for WordPress is vulnerable to Maintenance Mode Bypass in versions up to, and including, 4.1.7. A correct cmp_bypass GET parameter in the URL (equal to the md5-hashed home_url in the default setting) allows users to visit a site…

  • CVE-2022-0188Feb 14, 2022
    risk 0.00cvss epss 0.02

    The CMP WordPress plugin before 4.0.19 allows any user, even not logged in, to arbitrarily change the coming soon page layout.