The Maintenance Page plugin for WordPress is vulnerable to Basic Information Exposure in all versions up to, and including, 1.0.8 via the REST API. This makes it possible for unauthenticated attackers to view post titles and content when the site is in maintenance mode.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: Wordfence

Published: 2024-03-13T15:26:53.894Z

Updated: 2024-08-01T18:40:21.196Z

Reserved: 2024-02-12T20:45:55.466Z

Link: CVE-2024-1462

cve-icon Vulnrichment

Updated: 2024-07-31T19:51:46.938Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-03-13T16:15:22.830

Modified: 2024-11-21T08:50:38.210

Link: CVE-2024-1462

cve-icon Redhat

No data.