WordPress Plugin Vulnerabilities

WP Maintenance Mode <= 2.0.6 - Authenticated Multisite Remote Code Execution

Description

The WP Maintenance Mode WordPress plugin was affected by an Authenticated Multisite Remote Code Execution security vulnerability.

Affects Plugins

Plugin icon
wp-maintenance-mode
Fixed in 2.0.7

References

CVE
CVE-2018-20156
URL
https://www.wordfence.com/blog/2016/07/3-vulnerabilities-wp-maintenance-mode/

Miscellaneous

Submitter
ethicalhack3r
Submitter twitter
ethicalhack3r
Verified
No
WPVDB ID
6af960c0-0400-41b6-8f52-5f9ca7240a4f

Timeline

Publicly Published
2016-07-06 (about 9 years ago)
Added
2016-07-11 (about 9 years ago)
Last Updated
2020-09-22 (about 5 years ago)

Other

Published
Title
Published
2018-06-15
Title
Ultimate Form Builder Lite <= 1.3.7 - Multiple Vulnerabilities
Published
2014-02-27
Title
VideoWhisper Live Streaming Integration 4.27.3 - Multiple Vulnerabilities
Published
2016-10-18
Title
InPost Gallery <= 2.1.2 - LFI & Authenticated Stored XSS
Published
2016-03-07
Title
SP Projects & Document Manager < 2.6.0.0 - Multiple Vulnerabilities
Published
2019-07-08
Title
WP Slimstat <= 4.8.3 - CSRF to Stored XSS and Setting Updates