CVE-2022-1580 — MEDIUM (4.3)

Q: How severe is CVE-2022-1580?

CVE-2022-1580 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2022-1580?

Check the references section above for vendor advisories and patch information. Affected products include: Freehtmldesigns Site Offline.

Vulnerability Description

The Site Offline Or Coming Soon Or Maintenance Mode WordPress plugin before 1.5.3 prevents users from accessing a website but does not do so if the URL contained certain keywords. Adding those keywords to the URL's query string would bypass the plugin's main feature.

CVSS Score

4.3

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

LOW

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Freehtmldesigns	Site Offline	< 1.5.3

Related Weaknesses (CWE)

CWE-639

References

https://wpscan.com/vulnerability/7b6f91cd-5a00-49ca-93ff-db7220d2630aExploitThird Party Advisory
https://wpscan.com/vulnerability/7b6f91cd-5a00-49ca-93ff-db7220d2630aExploitThird Party Advisory

FAQ

What is CVE-2022-1580?

CVE-2022-1580 is a vulnerability with a CVSS score of 4.3 (MEDIUM). The Site Offline Or Coming Soon Or Maintenance Mode WordPress plugin before 1.5.3 prevents users from accessing a website but does not do so if the URL contained certain keywords. Adding those keyword...

How severe is CVE-2022-1580?

CVE-2022-1580 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2022-1580?

Check the references section above for vendor advisories and patch information. Affected products include: Freehtmldesigns Site Offline.