Description
The NS Maintenance Mode for WP WordPress plugin through 1.3.1 lacks authorization in its subscriber export function allowing unauthenticated attackers to download a list of a site's subscribers containing their name and email address
Published: 2025-10-22
Score: 5.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Information Disclosure
Action: Patch
AI Analysis

Impact

The NS Maintenance Mode for WP WordPress plugin up to version 1.3.1 contains a flaw in its subscriber export feature that does not enforce any authorization checks. As a result, anyone who can access the plugin endpoint can trigger the export and receive a file that lists every site subscriber’s name and email address. This vulnerability allows an attacker to obtain personally identifying information that could be used for phishing, spam, or social engineering campaigns. It is an example of an information disclosure weakness (CWE‑200).

Affected Systems

The issue exists in the NS Maintenance Mode for WP plugin for WordPress installations running any version through 1.3.1. Administrators who rely on this plugin for site status or maintenance should verify the installed version and ensure it is either upgraded or the export function is disabled.

Risk and Exploitability

The vulnerability has a CVSS score of 5.3, indicating moderate severity. The EPSS score is under 1 %, suggesting exploitation is unlikely at present, and the flaw is not listed in the CISA KEV catalog. The attack vector is unauthenticated, meaning no credentials or privileged access are required; any visitor who can reach the export URL can trigger the leak. Given the lack of further controls, the risk is limited to data exposure rather than a more destructive outcome.

Generated by OpenCVE AI on April 27, 2026 at 23:37 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the NS Maintenance Mode for WP plugin to a version newer than 1.3.1 that addresses the authorization check for the export function
  • If an upgrade is not immediately possible, disable or remove the subscriber export endpoint or block its URL via web‑application firewall rules
  • Consider implementing an additional layer of access control, such as requiring valid session tokens or user roles before allowing export of subscriber data
  • Regularly review installed plugins for known vulnerabilities and keep them updated to the latest secure releases

Generated by OpenCVE AI on April 27, 2026 at 23:37 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 28 Apr 2026 00:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-200
CWE-284

Thu, 23 Oct 2025 10:30:00 +0000

Type Values Removed Values Added
First Time appeared Wordpress
Wordpress wordpress
Vendors & Products Wordpress
Wordpress wordpress

Wed, 22 Oct 2025 16:15:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Wed, 22 Oct 2025 06:15:00 +0000

Type Values Removed Values Added
Description The NS Maintenance Mode for WP WordPress plugin through 1.3.1 lacks authorization in its subscriber export function allowing unauthenticated attackers to download a list of a site's subscribers containing their name and email address
Title NS Maintenance Mode for WP <= 1.3.1 - Unauthenticated Subscribers Export
References

Subscriptions

Wordpress Wordpress
cve-icon MITRE

Status: PUBLISHED

Assigner: WPScan

Published:

Updated: 2026-04-02T12:39:50.738Z

Reserved: 2025-09-17T13:34:17.993Z

Link: CVE-2025-10638

cve-icon Vulnrichment

Updated: 2025-10-22T15:42:38.157Z

cve-icon NVD

Status : Deferred

Published: 2025-10-22T06:15:30.593

Modified: 2026-04-15T00:35:42.020

Link: CVE-2025-10638

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-27T23:45:15Z

Weaknesses