CVE-2018-20155

MEDIUM

WP Maintenance Mode <2.0.7 - Auth Bypass

Title source: llm
STIX 2.1

Description

The WP Maintenance Mode plugin before 2.0.7 for WordPress allows remote authenticated subscriber users to bypass intended access restrictions on changes to plugin settings.

References (1)

Core 1
Core References

Scores

CVSS v3 4.3
EPSS 0.0078
EPSS Percentile 51.5%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Details

CWE
CWE-862
Status published
Products (1)
designmodo/wp_maintenance_mode < 2.0.7
Published Dec 14, 2018
Tracked Since Feb 18, 2026