Filtered by vendor Rstheme
Subscriptions
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-24546 | 1 Rstheme | 1 Ultimate Coming Soon \& Maintenance | 2025-06-09 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in RSTheme Ultimate Coming Soon & Maintenance allows Cross Site Request Forgery. This issue affects Ultimate Coming Soon & Maintenance: from n/a through 1.0.9. | ||||
| CVE-2025-24543 | 1 Rstheme | 1 Ultimate Coming Soon \& Maintenance | 2025-06-09 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in RSTheme Ultimate Coming Soon & Maintenance allows Cross Site Request Forgery. This issue affects Ultimate Coming Soon & Maintenance: from n/a through 1.0.9. | ||||
| CVE-2024-9706 | 1 Rstheme | 2 Ultimate-coming-soon, Ultimate Coming Soon \& Maintenance | 2025-06-05 | 5.3 Medium |
| The Ultimate Coming Soon & Maintenance plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ucsm_activate_lite_template_lite function in all versions up to, and including, 1.0.9. This makes it possible for unauthenticated attackers to change the template used for the coming soon / maintenance page. | ||||
| CVE-2024-9705 | 1 Rstheme | 1 Ultimate Coming Soon \& Maintenance | 2025-06-05 | 4.3 Medium |
| The Ultimate Coming Soon & Maintenance plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ucsm_update_template_name_lite' function in all versions up to, and including, 1.0.9. This makes it possible for authenticated attackers, with Subscriber-level access and above, to change the name of the plugin's templates. | ||||
Page 1 of 1.