Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

WordPress Plugin Maintenance Mode Unspecified Vulnerability (1.3.3)

Description

WordPress Plugin Maintenance Mode is prone to an unspecified vulnerability. No available information exists regarding this issue and it's impact on a vulnerable website. WordPress Plugin Maintenance Mode version 1.3.3 is vulnerable; prior versions may also be affected.

Remediation

Update to plugin version 1.4 or latest

References

https://wordpress.org/plugins/lj-maintenance-mode/changelog/

Related Vulnerabilities

WordPress 2.8.3 Admin Password Reset Security Bypass Vulnerability (0.6.2 - 2.8.3)

WordPress Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-14722)

PHP Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2007-1581)

Django Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-9014)

Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2013-3630)

Severity

High

Tags

Missing Update