Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Ultimate_coming_soon_\&_maintenance
(Rstheme)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 4 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2025-01-24 | CVE-2025-24546 | Cross-Site Request Forgery (CSRF) vulnerability in RSTheme Ultimate Coming Soon & Maintenance allows Cross Site Request Forgery. This issue affects Ultimate Coming Soon & Maintenance: from n/a through 1.0.9. | Ultimate_coming_soon_\&_maintenance | N/A | ||
| 2025-01-24 | CVE-2025-24543 | Cross-Site Request Forgery (CSRF) vulnerability in RSTheme Ultimate Coming Soon & Maintenance allows Cross Site Request Forgery. This issue affects Ultimate Coming Soon & Maintenance: from n/a through 1.0.9. | Ultimate_coming_soon_\&_maintenance | N/A | ||
| 2024-12-06 | CVE-2024-9705 | The Ultimate Coming Soon & Maintenance plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ucsm_update_template_name_lite' function in all versions up to, and including, 1.0.9. This makes it possible for authenticated attackers, with Subscriber-level access and above, to change the name of the plugin's templates. | Ultimate_coming_soon_\&_maintenance | 4.3 | ||
| 2024-12-06 | CVE-2024-9706 | The Ultimate Coming Soon & Maintenance plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ucsm_activate_lite_template_lite function in all versions up to, and including, 1.0.9. This makes it possible for unauthenticated attackers to change the template used for the coming soon / maintenance page. | Ultimate_coming_soon_\&_maintenance | N/A |