CVE-2024-1462

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Mar 13, 2024

Summary

CVE-2024-1462 is a vulnerability affecting the Maintenance Page plugin for WordPress. This issue, present in versions up to 1.0.8, allows unauthenticated attackers to access post titles and content through the REST API while the site is in maintenance mode. This exposure of sensitive information poses a significant risk to WordPress sites running the vulnerable plugin. Users are urged to update to the latest version of the plugin to mitigate this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/ufx9kx
https://www.cve.org/CVERecord?id=CVE-2024-1462
https://nvd.nist.gov/vuln/detail/CVE-2024-1462

Back to Vulnerability Database

CVE-2024-1462

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations