CVSS 3.1 Score 5.3 of 10 (medium)


Published Feb 28, 2024


CVE-2024-1136 is a vulnerability affecting the Coming Soon Page & Maintenance Mode plugin for WordPress. This vulnerability allows unauthorized access to data due to an improperly implemented URL check in the wpsm_coming_soon_redirect function. The vulnerability exists in all versions up to and including 2.2.1 of the plugin. As a result, unauthenticated attackers can potentially view the content of a site with maintenance mode or coming-soon mode enabled. The base severity of this vulnerability is rated as MEDIUM, with a base score of 5.3 according to the CVSS 3.1 scoring system. To remediate this vulnerability, affected users should update their plugin to the latest version available.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2024-1136 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options