Search criteria
2 vulnerabilities found for CMP by Unknown
CVE-2022-0188 (GCVE-0-2022-0188)
Vulnerability from cvelistv5 – Published: 2022-02-14 09:20 – Updated: 2024-08-02 23:18
VLAI
Title
Coming Soon & Maintenance Plugin by NiteoThemes < 4.0.19 - Unauthenticated Arbitrary CSS Update
Summary
The CMP WordPress plugin before 4.0.19 allows any user, even not logged in, to arbitrarily change the coming soon page layout.
Severity
No CVSS data available.
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://wpscan.com/vulnerability/50b6f770-6f53-41… | exploitvdb-entrytechnical-description |
| https://plugins.trac.wordpress.org/changeset/2657… | patch |
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:18:42.518Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"exploit",
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/50b6f770-6f53-41ef-b2f3-2a58e9afd332"
},
{
"tags": [
"patch",
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/changeset/2657597/cmp-coming-soon-maintenance"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"product": "CMP",
"vendor": "Unknown",
"versions": [
{
"lessThan": "4.0.19",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Krzysztof Zaj\u0105c"
},
{
"lang": "en",
"type": "coordinator",
"value": "WPScan"
}
],
"descriptions": [
{
"lang": "en",
"value": "The CMP WordPress plugin before 4.0.19 allows any user, even not logged in, to arbitrarily change the coming soon page layout."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-306 Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-04T07:45:47.294Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"exploit",
"vdb-entry",
"technical-description"
],
"url": "https://wpscan.com/vulnerability/50b6f770-6f53-41ef-b2f3-2a58e9afd332"
},
{
"tags": [
"patch"
],
"url": "https://plugins.trac.wordpress.org/changeset/2657597/cmp-coming-soon-maintenance"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Coming Soon \u0026 Maintenance Plugin by NiteoThemes \u003c 4.0.19 - Unauthenticated Arbitrary CSS Update",
"x_generator": {
"engine": "WPScan CVE Generator"
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2022-0188",
"datePublished": "2022-02-14T09:20:58.000Z",
"dateReserved": "2022-01-11T00:00:00.000Z",
"dateUpdated": "2024-08-02T23:18:42.518Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-0188 (GCVE-0-2022-0188)
Vulnerability from nvd – Published: 2022-02-14 09:20 – Updated: 2024-08-02 23:18
VLAI
Title
Coming Soon & Maintenance Plugin by NiteoThemes < 4.0.19 - Unauthenticated Arbitrary CSS Update
Summary
The CMP WordPress plugin before 4.0.19 allows any user, even not logged in, to arbitrarily change the coming soon page layout.
Severity
No CVSS data available.
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://wpscan.com/vulnerability/50b6f770-6f53-41… | exploitvdb-entrytechnical-description |
| https://plugins.trac.wordpress.org/changeset/2657… | patch |
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:18:42.518Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"exploit",
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/50b6f770-6f53-41ef-b2f3-2a58e9afd332"
},
{
"tags": [
"patch",
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/changeset/2657597/cmp-coming-soon-maintenance"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"product": "CMP",
"vendor": "Unknown",
"versions": [
{
"lessThan": "4.0.19",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Krzysztof Zaj\u0105c"
},
{
"lang": "en",
"type": "coordinator",
"value": "WPScan"
}
],
"descriptions": [
{
"lang": "en",
"value": "The CMP WordPress plugin before 4.0.19 allows any user, even not logged in, to arbitrarily change the coming soon page layout."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-306 Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-04T07:45:47.294Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"exploit",
"vdb-entry",
"technical-description"
],
"url": "https://wpscan.com/vulnerability/50b6f770-6f53-41ef-b2f3-2a58e9afd332"
},
{
"tags": [
"patch"
],
"url": "https://plugins.trac.wordpress.org/changeset/2657597/cmp-coming-soon-maintenance"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Coming Soon \u0026 Maintenance Plugin by NiteoThemes \u003c 4.0.19 - Unauthenticated Arbitrary CSS Update",
"x_generator": {
"engine": "WPScan CVE Generator"
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2022-0188",
"datePublished": "2022-02-14T09:20:58.000Z",
"dateReserved": "2022-01-11T00:00:00.000Z",
"dateUpdated": "2024-08-02T23:18:42.518Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}