CVE-2024-1181

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Mar 20, 2024

Summary

CVE-2024-1181: The Coming Soon, Under Construction & Maintenance Mode By Dazzler plugin for WordPress contains a vulnerability that allows unauthenticated attackers to bypass maintenance mode. The plugin utilizes the REQUEST_URI to identify admin areas, rendering it susceptible to bypass attacks. This can enable attackers to access the site when it is in maintenance mode, potentially exposing confidential information. All versions up to and including 2.1.2 are affected.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/uXoOiA
https://www.cve.org/CVERecord?id=CVE-2024-1181
https://nvd.nist.gov/vuln/detail/CVE-2024-1181

Back to Vulnerability Database

CVE-2024-1181

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations