CVE-2020-6168

HIGH EXPLOITED

WordPress Minimal Coming Soon & Maintenance Mode <2.10 - Privilege ...

Title source: llm
STIX 2.1

Exploitation Summary

CVE-2020-6168 has been observed exploited in the wild (reported by VulnCheck KEV).

Description

A flaw in the WordPress plugin, Minimal Coming Soon & Maintenance Mode through 2.10, allows authenticated users with basic access to enable and disable maintenance-mode settings (impacting the availability and confidentiality of a vulnerable site, along with the integrity of the setting).

References (3)

Core 3

Scores

CVSS v3 7.6
EPSS 0.0195
EPSS Percentile 77.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H

Details

VulnCheck KEV 2022-12-05
CWE
CWE-862
Status published
Products (1)
webfactoryltd/minimal_coming_soon_\&_maintenance_mode < 2.10
Published Jan 09, 2020
Tracked Since Feb 18, 2026