CVE-2024-1418

The CGC Maintenance Mode plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.2 via the REST API. This makes it possible for unauthenticated attackers to view protected posts via REST API even when maintenance mode is enabled.
Configurations

No configuration.

History

08 Apr 2026, 17:18

Type Values Removed Values Added
CWE CWE-284

21 Nov 2024, 08:50

Type Values Removed Values Added
References () https://wordpress.org/plugins/cgc-maintenance-mode/ - () https://wordpress.org/plugins/cgc-maintenance-mode/ -
References () https://www.wordfence.com/threat-intel/vulnerabilities/id/1cd5fa89-ed3b-4ac1-9200-9f5eb26cb534?source=cve - () https://www.wordfence.com/threat-intel/vulnerabilities/id/1cd5fa89-ed3b-4ac1-9200-9f5eb26cb534?source=cve -

04 Apr 2024, 06:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-04-04 06:15

Updated : 2026-06-17 07:04


NVD link : CVE-2024-1418

Mitre link : CVE-2024-1418

CVE.ORG link : CVE-2024-1418


JSON object : View

Products Affected

No product.

CWE
CWE-284

Improper Access Control