Description
WordPress Plugin Minimal Coming Soon & Maintenance Mode-Coming Soon Page is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently export settings and change maintenance mode themes. WordPress Plugin Minimal Coming Soon & Maintenance Mode-Coming Soon Page version 2.15 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 2.17 or latest
References
Related Vulnerabilities
WordPress Plugin Simple Fields Cross-Site Scripting (1.4.10)
Joomla Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-9933)
WordPress Plugin RSVPMaker SQL Injection (9.3.2)
WordPress Plugin Booking Calendar PHP Object Injection (9.1)
WordPress Improper Authentication Vulnerability (CVE-2009-2334)