Nixpkgs Security Tracker

Permalink CVE-2024-32708

3.7 LOW

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): HIGH
Privileges required (PR): NONE
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): LOW
Integrity impact (I): NONE
Availability impact (A): NONE

created 6 months ago

WordPress Maintenance Mode plugin <= 3.0.1 - IP Bypass vulnerability

Authentication Bypass by Spoofing vulnerability in helderk Maintenance Mode allows Functionality Bypass.This issue affects Maintenance Mode: from n/a through 3.0.1.

References

https://patchstack.com/database/vulnerability/hkdev-maintenance-mode/wordpress-… vdb-entry
https://patchstack.com/database/vulnerability/hkdev-maintenance-mode/wordpress-… vdb-entry
https://patchstack.com/database/vulnerability/hkdev-maintenance-mode/wordpress-… x_transferred vdb-entry

Affected products

hkdev-maintenance-mode

=<3.0.1

Matching in nixpkgs

pkgs.wordpressPackages.plugins.hkdev-maintenance-mode

None

nixos-unstable -
- nixpkgs-unstable 3.1.3

Suggestions search

References

Affected products

Matching in nixpkgs

pkgs.wordpressPackages.plugins.hkdev-maintenance-mode