Read Time:22 Second

The Coming Soon & Maintenance Mode Page plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.57. This is due to missing or incorrect nonce validation on the save_meta_box() function. This makes it possible for unauthenticated attackers to save meta boxes via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

Read More

More Stories

xen-4.19.1-3.fc41

FEDORA-2025-933a9a977e Packages in this update: xen-4.19.1-3.fc41 Update description: work around debugedit bug to fix aarch64 builds xen-hypervisor %post doesn't load...

thunderbird-128.6.0-1.fc40

FEDORA-2025-91031f9df9 Packages in this update: thunderbird-128.6.0-1.fc40 Update description: Update to 128.6.0 https://www.thunderbird.net/en-US/thunderbird/128.6.0esr/releasenotes/ https://www.mozilla.org/en-US/security/advisories/mfsa2025-04/ Read More

thunderbird-128.6.0-1.fc41

FEDORA-2025-2f5b9ab47b Packages in this update: thunderbird-128.6.0-1.fc41 Update description: Update to 128.6.0 https://www.thunderbird.net/en-US/thunderbird/128.6.0esr/releasenotes/ https://www.mozilla.org/en-US/security/advisories/mfsa2025-04/ Read More