VYPR
Vendor

Helderk

Products
1
CVEs
4
Across products
4
Status
Private

Products

1

Recent CVEs

4
  • CVE-2015-9429MedSep 26, 2019
    risk 0.42cvss 6.5epss 0.01

    The yith-maintenance-mode plugin before 1.2.0 for WordPress has CSRF with resultant XSS via the wp-admin/themes.php?page=yith-maintenance-mode panel_page parameter.

  • CVE-2025-10638MedOct 22, 2025
    risk 0.34cvss 5.3epss 0.00

    The NS Maintenance Mode for WP WordPress plugin through 1.3.1 lacks authorization in its subscriber export function allowing unauthenticated attackers to download a list of a site's subscribers containing their name and email address

  • CVE-2024-1478MedMar 5, 2024
    risk 0.34cvss 5.3epss 0.01

    The Maintenance Mode plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.0.1 via the REST API. This makes it possible for unauthenticated attackers to obtain post and page content via API thus bypassing the content…

  • CVE-2024-32708LowMay 17, 2024
    risk 0.24cvss 3.7epss 0.00

    Authentication Bypass by Spoofing vulnerability in helderk Maintenance Mode allows Functionality Bypass.This issue affects Maintenance Mode: from n/a through 3.0.1.