CVE-2024-38756 – WordPress Coming Soon Page – Responsive Coming Soon & Maintenance Mode plugin <= 1.6.3 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2024-38756
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Weblizar Coming Soon allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Coming Soon: from n/a through 1.6.3. The Coming Soon Page – Responsive Coming Soon & Maintenance Mode plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.6.3. This makes it possible for unauthenticated attackers to extract potentially sensitive information. • https://patchstack.com/database/vulnerability/responsive-coming-soon-page/wordpress-coming-soon-page-responsive-coming-soon-maintenance-mode-plugin-1-6-3-sensitive-data-exposure-vulnerability?_s_id=cve • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2018-5657 – Coming Soon <= 1.1.18 - Stored Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2018-5657
An issue was discovered in the responsive-coming-soon-page plugin 1.1.18 for WordPress. XSS exists via the wp-admin/admin.php counter_title_icon parameter. Se ha descubierto un problema en el plugin responsive-coming-soon-page 1.1.18 para WordPress. Existe XSS mediante el parámetro counter_title_icon en wp-admin/admin.php. • https://github.com/d4wner/Vulnerabilities-Report/blob/master/responsive-coming-soon-page.md https://wpvulndb.com/vulnerabilities/9010 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2018-5658 – Coming Soon Page – Responsive Coming Soon & Maintenance Mode <= 1.1.18 - Cross-Site Request Forgery
https://notcve.org/view.php?id=CVE-2018-5658
An issue was discovered in the responsive-coming-soon-page plugin 1.1.18 for WordPress. CSRF exists via wp-admin/admin.php. Se ha descubierto un problema en el plugin responsive-coming-soon-page 1.1.18 para WordPress. Existe CSRF mediante wp-admin/admin.php. • https://github.com/d4wner/Vulnerabilities-Report/blob/master/responsive-coming-soon-page.md https://wpvulndb.com/vulnerabilities/9010 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2018-5660 – Coming Soon Page – Responsive Coming Soon & Maintenance Mode <= 1.1.18 - Cross-Site Scripting via coming-soon_sub_title parameter
https://notcve.org/view.php?id=CVE-2018-5660
An issue was discovered in the responsive-coming-soon-page plugin 1.1.18 for WordPress. XSS exists via the wp-admin/admin.php coming-soon_sub_title parameter. Se ha descubierto un problema en el plugin responsive-coming-soon-page 1.1.18 para WordPress. Existe XSS mediante el parámetro coming-soon_sub_title en wp-admin/admin.php. • https://github.com/d4wner/Vulnerabilities-Report/blob/master/responsive-coming-soon-page.md https://wpvulndb.com/vulnerabilities/9010 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2018-5659 – Coming Soon < 1.1.19 - Stored Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2018-5659
An issue was discovered in the responsive-coming-soon-page plugin 1.1.18 for WordPress. XSS exists via the wp-admin/admin.php coming-soon_title parameter. Se ha descubierto un problema en el plugin responsive-coming-soon-page 1.1.18 para WordPress. Existe XSS mediante el parámetro coming-soon_title en wp-admin/admin.php. • https://github.com/d4wner/Vulnerabilities-Report/blob/master/responsive-coming-soon-page.md https://wpvulndb.com/vulnerabilities/9010 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •