What is the severity of CVE-2020-6168?

CVE-2020-6168 is classified as a high-severity vulnerability due to its potential impact on site availability and confidentiality.

How do I fix CVE-2020-6168?

To fix CVE-2020-6168, update the Minimal Coming Soon & Maintenance Mode plugin to version 2.11 or later.

Who is affected by CVE-2020-6168?

Authenticated users with basic access rights on sites using versions up to 2.10 of the Minimal Coming Soon & Maintenance Mode plugin are affected by CVE-2020-6168.

What impact does CVE-2020-6168 have on my website?

CVE-2020-6168 can allow unauthorized changes to website maintenance-mode settings, affecting availability and potentially exposing sensitive information.

Is there a way to check if my site is vulnerable to CVE-2020-6168?

You can check for CVE-2020-6168 vulnerability by reviewing the plugin version and ensuring it is updated to version 2.11 or later.

Vulnerability/
CVE-2020-6168

high

7.6

CWE

862

9/1/2020

4/8/2024

CVE-2020-6168

First published: Thu Jan 09 2020(Updated: )

A flaw in the WordPress plugin, Minimal Coming Soon & Maintenance Mode through 2.10, allows authenticated users with basic access to enable and disable maintenance-mode settings (impacting the availability and confidentiality of a vulnerable site, along with the integrity of the setting).

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Webfactoryltd Minimal Coming Soon & Maintenance Mode	<=2.10

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2020-6168?
CVE-2020-6168 is classified as a high-severity vulnerability due to its potential impact on site availability and confidentiality.
How do I fix CVE-2020-6168?
To fix CVE-2020-6168, update the Minimal Coming Soon & Maintenance Mode plugin to version 2.11 or later.
Who is affected by CVE-2020-6168?
Authenticated users with basic access rights on sites using versions up to 2.10 of the Minimal Coming Soon & Maintenance Mode plugin are affected by CVE-2020-6168.
What impact does CVE-2020-6168 have on my website?
CVE-2020-6168 can allow unauthorized changes to website maintenance-mode settings, affecting availability and potentially exposing sensitive information.
Is there a way to check if my site is vulnerable to CVE-2020-6168?
You can check for CVE-2020-6168 vulnerability by reviewing the plugin version and ensuring it is updated to version 2.11 or later.

agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/author
agent/weakness
agent/last-modified-date
agent/severity
agent/references
agent/description
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/webfactoryltd
canonical/webfactoryltd minimal coming soon & maintenance mode
version/webfactoryltd minimal coming soon & maintenance mode/2.10

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.

Frequently Asked Questions

What is the severity of CVE-2020-6168?
CVE-2020-6168 is classified as a high-severity vulnerability due to its potential impact on site availability and confidentiality.
How do I fix CVE-2020-6168?
To fix CVE-2020-6168, update the Minimal Coming Soon & Maintenance Mode plugin to version 2.11 or later.
Who is affected by CVE-2020-6168?
Authenticated users with basic access rights on sites using versions up to 2.10 of the Minimal Coming Soon & Maintenance Mode plugin are affected by CVE-2020-6168.
What impact does CVE-2020-6168 have on my website?
CVE-2020-6168 can allow unauthorized changes to website maintenance-mode settings, affecting availability and potentially exposing sensitive information.
Is there a way to check if my site is vulnerable to CVE-2020-6168?
You can check for CVE-2020-6168 vulnerability by reviewing the plugin version and ensuring it is updated to version 2.11 or later.